Rails-Pundit-如何检查current_admin_user?

时间:2018-08-25 03:17:07

标签: ruby-on-rails devise authorization ruby-on-rails-5 pundit

我正在使用Pundit进行用户模型的授权。

我的目标是将其扩展为使用AdminUser模型,专门用于我的admin名称空间。

默认情况下,Pundit检查“用户”或“当前用户”。如何根据Devise更改此项以检查“ admin_user”或“ current_admin_user”?

policies / admin / admin_policy.rb (已关闭系统,当前查找的是User而不是AdminUser)

class Admin::AdminPolicy
  attr_reader :user, :record

  def initialize(user, record)
    # Must be logged in
    raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
    @user = user
    @record = record
  end

  def index?
    false
  end

  def show?
    false
  end

  def create?
    false
  end

  def new?
    create?
  end

  def update?
    false
  end

  def edit?
    update?
  end

  def destroy?
    false
  end

  class Scope
    attr_reader :user, :scope

    def initialize(user, scope)
      raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
      @user = user
      @scope = scope
    end

    def resolve
      scope.all
    end
  end
end

policies / admin / home_policy.rb (管理员命名空间的子策略示例)

class Admin::HomePolicy < Admin::AdminPolicy

  def index?
    user.present?
  end

end

1 个答案:

答案 0 :(得分:1)

我认为您需要在控制器上定义方法pundit_user进行自定义https://github.com/varvet/pundit#customize-pundit-user 

def pundit_user
  current_admin_user
end
相关问题
最新问题