我目前正在使用此身份验证设置:
<resources>
<dimen name="activity_horizontal_margin">16dp</dimen>
<dimen name="activity_vertical_margin">16dp</dimen>
<dimen name="question_margin">25dp</dimen>
<dimen name="customize_menu_title">15pt</dimen>
<dimen name="customize_menu_radio">13pt</dimen>
<dimen name="question_text_size">20pt</dimen>
<dimen name="answer_text_size">12pt</dimen>
<dimen name="radio_button_spacing">20dp</dimen>
<dimen name="item_spacing">20dp</dimen>
<dimen name="score_label_size">20pt</dimen>
<dimen name="score_size">40pt</dimen>
<dimen name="question_display_margin">4dp</dimen>
<dimen name="prize_display_margin">32dp</dimen>
</resources>
<resources>
<string name="app_name">Smart Kids Love Maths</string>
<string name="button_trophies">My Prizes</string>
<string name="button_start">Start!</string>
<string name="digit_text">Number of digits</string>
<string name="operator_text">Operation</string>
<string name="timer_enabled_text">Timer Enabled</string>
<string name="title_activity_questions">Smart Kids Love Maths</string>
<string name="title_activity_results">Results</string>
<string name="score_label">Your Score:</string>
<string name="correct_text">Correct!</string>
<string name="wrong_text">Wrong!</string>
<string name="correct_answer_text">Correct Answer: </string>
<string name="earn_trophy_text">You earned a new trophy!</string>
<string name="earn_badge_text">You earned a new badge!</string>
<string name="earn_star_text">You earned a new star!</string>
</resources>
因此,如果我想 before_filter :authenticate_admin!, only: [:user_insights]
before_filter :authenticate_user!, only: [:search_users, :results_users]
或查看其结果(search_users),我需要以用户身份登录。
但我现在需要能够以管理员身份搜索用户(results_users和search_users)。
results_users但是现在,即使我以管理员身份登录并访问操作 before_filter :authenticate_admin!, only: [:user_insights, :search_users, :results_users]
before_filter :authenticate_user!, only: [:search_users, :results_users]
,我也会因为缺乏权限而被踢出局。
我做错了什么? (覆盖认证规则?)
答案 0 :(得分:0)
在您的authenticate_user方法中,您应该将管理员身份验证为用户,因此管理员或用户都会通过身份验证。这样,管理员就有资格成为用户并拥有用户拥有的所有权利。