我尝试不要求对报告视图操作进行身份验证。但是,当我尝试使用设计方法skip_before_action或skip_before_filter时,它仍会将我还原为登录页面。
这是我的应用程序控制器。
class ApplicationController < ActionController::Base
acts_as_token_authentication_handler_for User
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :require_user
layout :check_layout
protected
def check_layout
devise_controller? ? 'legacy' : nil
end
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email) }
end
private
def require_user
authenticate_user!
end
end
这是我的报告控制器
class ReportsController < ApplicationController
skip_before_action :require_user, only: [:view]
skip_before_action :verify_authenticity_token, only: [:transition]
before_action :check_params, only: [:transition]
before_action :set_report, only: [:show, :edit, :update, :destroy, :draft, :copy_edit, :review_and_approve, :revise, :approve, :archive, :mail_merge, :draft_from_queue]
end
如何进行报告查看操作不需要身份验证?
答案 0 :(得分:1)
您的过滤器看起来不错,但问题是您没有点击查看操作。您正在进行索引操作:
Started GET "/reports" for 10.0.2.2 at 2015-07-31 23:48:55 +0000
...
Processing by ReportsController#index as HTML
Completed 401 Unauthorized in 29ms