Setting up an admin in Rails with the Administrate gem

Time: 2015-12-04 09:41:18

Tags: ruby-on-rails ruby ruby-on-rails-3 ruby-on-rails-4 rubygems

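I have followed the guide on how to install the Administrate gem in Rails for my application, but what I would like to add is the ability for admins to be set only by me. I followed the GitHub instructions, but I am still stuck on how to set my email, or any other user's email, as an admin. Here is what I have added so far:

controllers/admin/application_controller.rb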

# All Administrate controllers inherit from this `Admin::ApplicationController`,
# making it the ideal place to put authentication logic or other
# before_filters.
#
# If you want to add pagination or other controller-level concerns,
# you're free to overwrite the RESTful controller actions.
class Admin::ApplicationController < Administrate::ApplicationController

  before_action :authenticate_user!
  before_action :authenticate_admin

  def authenticate_admin
    redirect_to '/', alert: 'Not authorized.' unless current_user && access_whitelist
  end

  private
    def access_whitelist
      current_user.try(:admin?) || current_user.try(:door_super?)
    end

  # Override this value to specify the number of elements to display at a time
  # on index pages. Defaults to 20.
  # def records_per_page
  #   params[:per_page] || 20
  # end
end

dashboards/user_dashboard.rb

require "administrate/base_dashboard"

class UserDashboard < Administrate::BaseDashboard
  # ATTRIBUTE_TYPES
  # a hash that describes the type of each of the model's fields.
  #
  # Each different type represents an Administrate::Field object,
  # which determines how the attribute is displayed
  # on pages throughout the dashboard.
  ATTRIBUTE_TYPES = {
    posts: Field::HasMany,
    reviews: Field::HasMany,
    id: Field::Number,
    email: Field::String,
    encrypted_password: Field::String,
    reset_password_token: Field::String,
    reset_password_sent_at: Field::DateTime,
    remember_created_at: Field::DateTime,
    sign_in_count: Field::Number,
    current_sign_in_at: Field::DateTime,
    last_sign_in_at: Field::DateTime,
    current_sign_in_ip: Field::String,
    last_sign_in_ip: Field::String,
    created_at: Field::DateTime,
    updated_at: Field::DateTime,
    name: Field::String,
    password: PasswordField,
    password_confirmation: PasswordField

  }

  # COLLECTION_ATTRIBUTES
  # an array of attributes that will be displayed on the model's index page.
  #
  # By default, it's limited to four items to reduce clutter on index pages.
  # Feel free to add, remove, or rearrange items.
  COLLECTION_ATTRIBUTES = [
    :posts,
    :reviews,
    :id,
    :email,
  ]

  # SHOW_PAGE_ATTRIBUTES
  # an array of attributes that will be displayed on the model's show page.
  SHOW_PAGE_ATTRIBUTES = ATTRIBUTE_TYPES.keys

  # FORM_ATTRIBUTES
  # an array of attributes that will be displayed
  # on the model's form (`new` and `edit`) pages.
  FORM_ATTRIBUTES = [
    :posts,
    :reviews,
    :email,
    :password,
    :password_confirmation,
    # :encrypted_password,
    # :reset_password_token,
    # :reset_password_sent_at,
    # :remember_created_at,
    # :sign_in_count,
    # :current_sign_in_at,
    # :last_sign_in_at,
    :current_sign_in_ip,
    :last_sign_in_ip,
    :name,
  ]

  # Overwrite this method to customize how users are displayed
  # across all pages of the admin dashboard.
  #
  # def display_resource(user)
  #   "User ##{user.id}"
  # end
end

2 answers:

Answer 0 (score: 6)

This is how I manage access:

# All Administrate controllers inherit from this `Admin::ApplicationController`,
# making it the ideal place to put authentication logic or other
# before_filters.
#
# If you want to add pagination or other controller-level concerns,
# you're free to overwrite the RESTful controller actions.
module Admin
  class ApplicationController < Administrate::ApplicationController
    before_filter :authenticate_admin

    def authenticate_admin
      redirect_to root_url unless current_user.try(:admin)
    end

    # Override this value to specify the number of elements to display at a time
    # on index pages. Defaults to 20.
    # def records_per_page
    #   params[:per_page] || 20
    # end
  end
end

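So it basically checks a boolean field on the current_user method. If you don't have one, create it for your user model, or use whatever your authorization system provides.

Answer 1 (score: 1)

Before checking for an admin:

1 - You need to add an "admin" column of type boolean to the users table.

2 - Add code like the following to the controller to verify whether the user is an admin: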

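def authenticate_admin
  # Check current_user first so a visitor who is not signed in (nil)
  # is redirected instead of raising NoMethodError on `admin?`.
  unless current_user && current_user.admin?
    redirect_to root_url, alert: "Sorry You do not have enough privilege"
  end
end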

Then add this right after your controller class declaration:

before_filter :authenticate_admin

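This will verify whether the user is an admin. Make sure to set the admin column to true using the rails console so that the user is set as an admin.

Let me know how it goes...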
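
The guard both answers describe, as an added example that is not part of the original posts: it uses plain-Ruby stand-ins (the `MiniController` class, the `AdminDashboardController` class and the `User` struct are hypothetical, not Rails, Devise or Administrate code) to show that the check redirects before the action runs for an anonymous visitor, a non-admin, and a user whose admin column is NULL.

```ruby
# Added example: plain-Ruby stand-ins, not Rails, Devise or Administrate code.
User = Struct.new(:email, :admin) do
  # ActiveRecord's `admin?` is false for both false and NULL; mirror that here.
  def admin?
    admin == true
  end
end

# Hypothetical miniature of a callback chain: the action is skipped once a callback redirects.
class MiniController
  def self.before_action(name)
    callbacks << name
  end
  def self.callbacks
    @callbacks ||= []
  end

  attr_reader :current_user, :redirected_to, :alert
  def initialize(current_user)
    @current_user = current_user
  end

  def redirect_to(path, alert: nil)
    @redirected_to = path
    @alert = alert
  end

  def process(action)
    self.class.callbacks.each do |callback|
      send(callback)
      return :redirected if redirected_to
    end
    send(action)
  end
end

class AdminDashboardController < MiniController
  before_action :authenticate_admin
  def index
    :dashboard_rendered
  end

  private
  # Fail closed: anonymous visitors (nil) and non-admins are both redirected.
  def authenticate_admin
    redirect_to "/", alert: "Not authorized." unless current_user&.admin?
  end
end
```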