我正在尝试允许管理员用户删除此应用程序中的其他用户,但点击删除链接会重定向到所选用户的页面。
user_controller.rb
class UsersController < ApplicationController
before_filter :authenticate, :only => [:index, :edit, :update, :destroy]
before_filter :correct_user, :only => [:edit, :update]
before_filter :admin_user, :only => :destroy
def destroy
User.find(params[:id]).destroy
flash[:success] = "User destroyed."
redirect_to users_path
end
private
def authenticate
deny_access unless signed_in?
end
def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
def admin_user
redirect_to(root_path) unless current_user.admin?
end
end
application.html.erb
<!DOCTYPE html>
<html>
<head>
<title><%= title %></title>
<%= csrf_meta_tag %>
<%= render 'layouts/stylesheets' %>
<%= javascript_include_tag :defaults %>
</head>
_user.html.erb
<li>
<%= link_to user.name, user %>
<% if current_user.admin? %>
| <%= link_to "delete", user, :method => :delete, :confirm => "You sure?",
:title => "Delete #{user.name}" %>
<% end %>
</li>