注释使用Rails 5.2和Postgresql
我有Foluser个模型,其中包含name,email,password,id_watch
管理员添加新的foluser时需要
生成password
当管理员创建新的追随者时,会像Secure Password Generator
password
从id_watch模型中获取admin并将其从id_watch模型中放入Foluser
管理员when register enter用户名,电子邮件,密码, id_watch`
在第2点中,需要使用此id_watch并将其保存在user模型中。
管理员仅创建foluser
`
class FolusersController < ApplicationController
before_action :set_foluser, only: [:show, :edit, :update, :destroy]
before_action :authenticate_user!, except: [:index, :show, :new , :create, :edit]
# GET /folusers
# GET /folusers.json
def index
@folusers = current_master.foluser.all
#render json: @folusers
end
# GET /folusers/1
# GET /folusers/1.json
def show
#@folusers = Foluser.where(master_id: @master.id).order("created_at DESC")
#@foluser = Foluser.find(params[:id])
#render json: @foluser
end
# GET /folusers/new
def new
@foluser = current_master.foluser.build
end
# GET /folusers/1/edit
def edit
#render json: @foluser
end
# POST /folusers
# POST /folusers.json
def create
@foluser = current_master.foluser.build(foluser_params)
respond_to do |format|
if @foluser.save
format.html { redirect_to @foluser, notice: 'Foluser was successfully created.' }
format.json { render :show, status: :created, location: @foluser }
else
format.html { render :new }
format.json { render json: @foluser.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /folusers/1
# PATCH/PUT /folusers/1.json
def update
respond_to do |format|
if @foluser.update(foluser_params)
format.html { redirect_to @foluser, notice: 'Foluser was successfully updated.' }
format.json { render :show, status: :ok, location: @foluser }
else
format.html { render :edit }
format.json { render json: @foluser.errors, status: :unprocessable_entity }
end
end
end
# DELETE /folusers/1
# DELETE /folusers/1.json
def destroy
@foluser.destroy
respond_to do |format|
format.html { redirect_to folusers_url, notice: 'Foluser was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_foluser
@foluser = Foluser.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def foluser_params
params.require(:foluser).permit(:name, :email, :numberphone, :password)
end
end
foluser模型
class Foluser < ApplicationRecord
belongs_to :admin, :optional => true
end
admin模型
class Master < ApplicationRecord
has_many :foluser
end
答案 0 :(得分:2)
使用当前代码,可以在控制器中通过以下方式设置id_watch:
class FolusersController < ApplicationController
def create
@foluser = current_master.folusers.build(foluser_params)
@foluser.id_watch = current_master.id_watch # <-- !!!
respond_to do |format|
if @foluser.save
# ...
end
end
end
end
尽管我们在上面进行了广泛的交谈,但我仍然不清楚您要使用“密码生成”来实现什么。
(应该在前端还是在后端生成?应该以加密形式还是以纯文本形式存储?如果加密了,您是否需要能够逆转这种加密?它是“永久性的吗? “密码还是“临时”密码?...)
因此,下面的代码应该花点时间-因为我仍然不太清楚期望的/正确的行为是什么。
在FolusersController中,您定义了以下方法:
def foluser_params
params.require(:foluser).permit(:name, :email, :numberphone, :password)
end
但是,如果要由服务器生成密码,则不应允许admin通过控制器设置密码。因此,请删除此参数:
def foluser_params
params.require(:foluser).permit(:name, :email, :numberphone)
end
然后在某个地方-可能在控制器中,或者作为模型中的钩子-将此密码设置为随机密码:
class FolusersController < ApplicationController
def create
@foluser = current_master.folusers.build(foluser_params)
@foluser.password = SecureRandom.hex(10 + rand(6))
# ...
end
end
# or
class Foluser < ApplicationRecord
after_initialize :default_password
def default_password
self.password ||= SecureRandom.hex(10 + rand(6))
end
end
答案 1 :(得分:1)
我认为您找到了解决方案,请在模型中使用rails回调从控制器中提取这种逻辑。
但是我宁愿使用after_initialize而不是before_save,这样您就不会在每次保存之前设置默认密码(甚至可能会执行更新操作)
然后使用诸如SecureRandom(关注ActiveSupport)之类的东西(已经由rails捆绑,不需要)
after_initialize :defaultpassword
...
def default_password
self.password ||= SecureRandom.hex(10 + rand(6))
end
我知道这不是最好的随机方法,但是可以自定义它。
secure_random输出示例:
=>bf8d42b174d297f6460eef
=>efd28869171a1ec89c3438
=>3855c61fb6b90ed549d777