Rails:未使用正确的默认角色

时间:2016-06-22 01:30:04

标签: ruby-on-rails model-view-controller devise cancancan

在我的rails应用程序中,我只有两个角色,Admin和User,我在架构和用户模型中定义了它们。这是我的schema.rb with users table:

  create_table "users", force: :cascade do |t|
    t.string   "first_name"
    t.string   "last_name"
    t.datetime "created_at",                          null: false
    t.datetime "updated_at",                          null: false
    t.string   "email",                  default: "", null: false
    t.string   "encrypted_password",     default: "", null: false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          default: 0,  null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.inet     "current_sign_in_ip"
    t.inet     "last_sign_in_ip"
    t.integer  "role",                   default: 2
  end

  add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
  add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree

end

首先,这是我的用户模型:

class User < ActiveRecord::Base
    #Defining different roles
    enum role: [:Admin, :User]
    #Users can only have one scholarship application
    has_one :applications
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable
end

我的能力模型:

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
        if user.role = 1
            can :manage, :all
        elsif user.role = 2
            can :manage, Application
            can :manage, User
        else
            can :read, Static_Page
        end
    end
end

我的用户控制器:

class UsersController < ApplicationController
  before_action :authenticate_user
  #Users who are not signed in cannot view users list
  before_action :set_user, only: [:show, :edit, :update, :destroy]
  load_and_authorize_resource

  # GET /users
  # GET /users.json
  def index
    @users = User.all
  end

  # GET /users/1
  # GET /users/1.json
  def show
  end

  # GET /users/new
  def new
    @user = User.new
  end

  # GET /users/1/edit
  def edit
    @user = current_user
  end

  # POST /users
  # POST /users.json
  def create
    @user = User.new(user_params)

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render :show, status: :created, location: @user }
      else
        format.html { render :new }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.json
  def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_user
      @user = User.find(params[:id])
    end

    #Never trust paramaters from the scary internet, man.
    def user_params
      params.require(:user).permit(:first_name, :last_name)
    end
end

在我的观点中,我根据用户的角色添加了一些条件,例如:

<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role = "Admin" %>

<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role = "User" %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>

<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>

<% end %>

我在用户视图中按照上述逻辑运行管理员CP(针对管理员)和帐户设置(针对用户)视图,以便管理员CP向用户显示所有用户,例如默认的rails脚手架,而帐户设置只会显示当前用户的用户信息。

唯一的问题是,当我创建一个新用户时,它总是说用户是管理员,我创建了一个新用户,并且角色值似乎不等于2(“用户”),他们只是一个管理员,可以做任何事情。

有什么建议吗?

1 个答案:

答案 0 :(得分:1)

您需要在视图中使用== not =才能获得正确的功能。除此之外,您的Users表中的字段是一个整数... 

t.integer  "role",                   default: 2

<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role == 1 %>

<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role == 2 %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>

<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>

<% end %>
相关问题
最新问题