Rails 4.2 before_action应用中的require_signin中有一个application_controller engine。此require_signin的目的是检查用户是否在执行任何操作之前登录。这是require_signin:
def require_signin
if !signed_in?
sign_out
redirect_to URI.escape(SUBURI + main_app.signin_path), :notice => t('Login First!')
end
end
sign_in?是:
def signed_in?
!current_user.nil?
end
在engine's application_controller中,有:
class ApplicationController < ::ApplicationController
before_action :require_signin
..........
end
以下是engine resource_allocx's controller命名空间:
require_dependency "resource_allocx/application_controller"
module ResourceAllocx
class AllocationsController < ApplicationController
....
end
end
但是,在create中,在用户被踢出系统再次登录之前,会创建一条新记录。根据设计,如果用户未登录require_signin,则应在application_controller中撤消用户,并且永远不应执行create。这里错过了什么导致在require_signin之后执行create?