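I have created an application where you can sort by subject and download academic files accordingly. I first created an application where users can view all categories, with a drop-down box that sorts all the categories and displays them accordingly.
Now my client wants users to see only the material related to their own subject. The other categories must not be visible to them.
For example, if my users table has faculty = "Ruby", I must be able to view only the Ruby files, and no other files may be shown. Please help me integrate this feature into my application.
Here are my currently working index.html.erb and assignment_controller (here we can sort by category, but it shows all files):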
class AssignmentsController < ApplicationController
  before_action :authenticate_user!
  before_action :set_assignment, only: [:show, :edit, :update, :destroy]

  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  def index
    if params[:category].blank?
      @assignments = Assignment.all.order("created_at DESC")
    else
      # find_by returns nil for an unknown name; &. avoids a NoMethodError (500) here.
      @category_id = Category.find_by(name: params[:category])&.id
      @assignments = Assignment.where(category_id: @category_id).order("created_at DESC")
    end
  end

  def show
  end

  def new
    @assignment = current_user.assignments.build
    @categories = Category.all.map { |c| [c.name, c.id] }
  end

  def edit
    @categories = Category.all.map { |c| [c.name, c.id] }
  end

  def create
    @assignment = current_user.assignments.build(assignment_params)
    @assignment.category_id = params[:category_id]
    respond_to do |format|
      if @assignment.save
        format.html { redirect_to @assignment, notice: 'Assignment was successfully created.' }
        format.json { render :show, status: :created, location: @assignment }
      else
        format.html { render :new }
        format.json { render json: @assignment.errors, status: :unprocessable_entity }
      end
    end
  end

  def update
    authorize @assignment
    @assignment.category_id = params[:category_id]
    respond_to do |format|
      if @assignment.update(assignment_params)
        format.html { redirect_to @assignment, notice: 'Assignment was successfully updated.' }
        format.json { render :show, status: :ok, location: @assignment }
      else
        format.html { render :edit }
        format.json { render json: @assignment.errors, status: :unprocessable_entity }
      end
    end
  end

  def destroy
    authorize @assignment
    @assignment.destroy
    respond_to do |format|
      format.html { redirect_to assignments_url, notice: 'Assignment was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private

  def user_not_authorized
    flash[:warning] = "You are not authorized to perform this action."
    redirect_to(request.referrer || root_path)
  end

  # Use callbacks to share common setup or constraints between actions.
  def set_assignment
    @assignment = Assignment.find(params[:id])
  end

  # Never trust parameters from the scary internet, only allow the white list through.
  def assignment_params
    params.require(:assignment).permit(:title, :detail, :due_date, :category_id, :attachment)
  end
end
ERB file:
<% if !flash[:notice].blank? %>
  <div class="alert alert-info">
    <%= flash[:notice] %>
  </div>
<% end %>
<br />
<div class="dropdown">
  <button class="btn btn-default dropdown-toggle" type="button" id="dropdownMenu1" data-toggle="dropdown" aria-haspopup="true" aria-expanded="true">
    Sort By Model Name
    <span class="caret"></span>
  </button>
  <ul class="dropdown-menu" aria-labelledby="dropdownMenu1">
    <% Category.all.each do |category| %>
      <li class="<%= 'active' if params[:category] == category.name %>">
        <%= link_to category.name, assignments_path(category: category.name), class: "link" %>
      </li>
    <% end %>
  </ul>
</div>
<h1 class="current-category"><%= params[:category] %></h1>
<% if @assignments.count == 0 %>
  <h1>There are no file uploaded for this Model</h1>
<% else %>
  <br />
  <h1>Listing Assignments</h1>
  <%= current_user.faculty %>
  <table class="table table-bordered table-striped">
    <thead>
      <tr>
        <th>Title</th>
        <th>Detail</th>
        <th>Due date</th>
        <th>Days Remaining</th>
        <th>Latest Updated</th>
        <th>Download Link</th>
        <th colspan="3"></th>
      </tr>
    </thead>
    <tbody>
      <% @assignments.each do |assignment| %>
        <tr>
          <td><%= assignment.title %></td>
          <td><%= assignment.detail %></td>
          <td><%= assignment.due_date %></td>
          <td><%= (assignment.due_date.to_i - Time.now.to_i) / 86400 %></td>
          <td><%= distance_of_time_in_words(assignment.updated_at, Time.now) %> ago</td>
          <td><%= link_to "Download File", assignment.attachment_url %></td>
          <td><%= link_to 'Show', assignment %></td>
          <% if policy(assignment).destroy? %>
            <td><%= link_to 'Edit', edit_assignment_path(assignment) %></td>
            <td><%= link_to 'Destroy', assignment, method: :delete, data: { confirm: 'Are you sure?' } %></td>
          <% end %>
        </tr>
      <% end %>
    </tbody>
  </table>
  <br>
<% end %>
<%= link_to 'New Assignment', new_assignment_path %>
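
The restriction asked for above has to be enforced on the server for both the list and single records, not only by hiding entries in the drop-down. The following is an added example, not part of the original post: a plain-Ruby model of a Pundit-style policy scope plus a per-record check. It assumes `users.faculty` holds a category name; `visible_assignments`, `fetch_assignment`, the `NotAuthorizedError` stand-in and the sample data are hypothetical and constructed.

```ruby
# Constructed in-memory stand-ins for the app's models (not ActiveRecord).
Category   = Struct.new(:id, :name)
User       = Struct.new(:id, :faculty)
Assignment = Struct.new(:id, :title, :category)

# Stand-in for Pundit::NotAuthorizedError so the file runs without the gem.
class NotAuthorizedError < StandardError; end

class AssignmentPolicy
  def initialize(user, record)
    @user, @record = user, record
  end

  # Single-record rule for show/download: category must match the user's faculty.
  def show?
    @record.category.name == @user.faculty
  end

  # Same shape as a Pundit policy scope. With ActiveRecord, resolve would be a
  # where clause on the category name instead of Array#select.
  class Scope
    def initialize(user, scope)
      @user, @scope = user, scope
    end

    def resolve
      @scope.select { |a| a.category.name == @user.faculty }
    end
  end
end

# Hypothetical index logic: params[:category] can only narrow the scoped list.
def visible_assignments(user, all, category_param = nil)
  scoped = AssignmentPolicy::Scope.new(user, all).resolve
  return scoped if category_param.nil? || category_param.empty?
  scoped.select { |a| a.category.name == category_param }
end

# Hypothetical show logic: a missing record and a forbidden one fail the same way.
def fetch_assignment(user, all, id)
  record = all.find { |a| a.id == id.to_i }
  raise NotAuthorizedError if record.nil? || !AssignmentPolicy.new(user, record).show?
  record
end

RUBY_CAT = Category.new(1, "Ruby")
JAVA_CAT = Category.new(2, "Java")
ASSIGNMENTS = [Assignment.new(1, "Blocks", RUBY_CAT), Assignment.new(2, "Streams", JAVA_CAT),
               Assignment.new(3, "Modules", RUBY_CAT)].freeze
```

The same check belongs on `show` and on whatever serves `attachment_url`, since filtering rows in `index` does not restrict direct requests for a record or file.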