Rails:未使用正确的默认角色创建用户
Rails: User not being created with proper default role
在我的 rails 应用程序中,我只有两个角色,Admin 和 User,我在模式和用户模型中定义了它们。这是我的 schema.rb 与用户 table:
create_table "users", force: :cascade do |t|
t.string "first_name"
t.string "last_name"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.inet "current_sign_in_ip"
t.inet "last_sign_in_ip"
t.integer "role", default: 2
end
add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
end
首先,这是我的用户模型:
class User < ActiveRecord::Base
#Defining different roles
enum role: [:Admin, :User]
#Users can only have one scholarship application
has_one :applications
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
end
我的能力模型:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.role = 1
can :manage, :all
elsif user.role = 2
can :manage, Application
can :manage, User
else
can :read, Static_Page
end
end
end
我的用户控制器:
class UsersController < ApplicationController
before_action :authenticate_user
#Users who are not signed in cannot view users list
before_action :set_user, only: [:show, :edit, :update, :destroy]
load_and_authorize_resource
# GET /users
# GET /users.json
def index
@users = User.all
end
# GET /users/1
# GET /users/1.json
def show
end
# GET /users/new
def new
@user = User.new
end
# GET /users/1/edit
def edit
@user = current_user
end
# POST /users
# POST /users.json
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1
# PATCH/PUT /users/1.json
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /users/1
# DELETE /users/1.json
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
#Never trust paramaters from the scary internet, man.
def user_params
params.require(:user).permit(:first_name, :last_name)
end
end
在我看来,我根据用户的角色添加了一些要显示的条件,例如:
<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role = "Admin" %>
<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role = "User" %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>
<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>
<% end %>
我在我的用户视图中遵循了管理 CP(对于管理员)和帐户设置(对于用户)视图的上述逻辑 - 这样管理 CP 会像默认的 rails 脚手架一样显示所有用户用户,而帐户设置只会显示当前用户的用户信息。
唯一的问题是,当我创建一个新用户时,它总是说用户是管理员,我创建了一个新用户,角色值似乎不等于2("user"),他们只是管理员,可以做任何事情。
有什么建议吗?
您需要在视图中使用 == 而不是 = 以获得正确的功能。除此之外,您在用户 table 中的字段是一个整数...
t.integer "role", default: 2
<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role == 1 %>
<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role == 2 %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>
<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>
<% end %>
在我的 rails 应用程序中,我只有两个角色,Admin 和 User,我在模式和用户模型中定义了它们。这是我的 schema.rb 与用户 table:
create_table "users", force: :cascade do |t|
t.string "first_name"
t.string "last_name"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.inet "current_sign_in_ip"
t.inet "last_sign_in_ip"
t.integer "role", default: 2
end
add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
end
首先,这是我的用户模型:
class User < ActiveRecord::Base
#Defining different roles
enum role: [:Admin, :User]
#Users can only have one scholarship application
has_one :applications
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
end
我的能力模型:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.role = 1
can :manage, :all
elsif user.role = 2
can :manage, Application
can :manage, User
else
can :read, Static_Page
end
end
end
我的用户控制器:
class UsersController < ApplicationController
before_action :authenticate_user
#Users who are not signed in cannot view users list
before_action :set_user, only: [:show, :edit, :update, :destroy]
load_and_authorize_resource
# GET /users
# GET /users.json
def index
@users = User.all
end
# GET /users/1
# GET /users/1.json
def show
end
# GET /users/new
def new
@user = User.new
end
# GET /users/1/edit
def edit
@user = current_user
end
# POST /users
# POST /users.json
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1
# PATCH/PUT /users/1.json
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /users/1
# DELETE /users/1.json
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
#Never trust paramaters from the scary internet, man.
def user_params
params.require(:user).permit(:first_name, :last_name)
end
end
在我看来,我根据用户的角色添加了一些要显示的条件,例如:
<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role = "Admin" %>
<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role = "User" %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>
<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>
<% end %>
我在我的用户视图中遵循了管理 CP(对于管理员)和帐户设置(对于用户)视图的上述逻辑 - 这样管理 CP 会像默认的 rails 脚手架一样显示所有用户用户,而帐户设置只会显示当前用户的用户信息。
唯一的问题是,当我创建一个新用户时,它总是说用户是管理员,我创建了一个新用户,角色值似乎不等于2("user"),他们只是管理员,可以做任何事情。
有什么建议吗?
您需要在视图中使用 == 而不是 = 以获得正确的功能。除此之外,您在用户 table 中的字段是一个整数...
t.integer "role", default: 2
<% if user_signed_in? %>
<h4 class="center"> Welcome <%= current_user.first_name %>!</h4>
<% end %>
<% if user_signed_in? && current_user.role == 1 %>
<h4 class="center"> You are a <%= current_user.role %>, you can view all applications, edit them, delete users, and more!!</h4>
<% elsif user_signed_in? && current_user.role == 2 %>
<h4 class="center"> Thank you for your interest in our scholarship. As a <%= current_user.role %>, you may create, edit, or delete your scholarship application now that you are signed in.</h4>
<% else %>
<h4 class="center"> Welcome to the Philanthropist's Scholarship Application! Please create an account to apply for our scholarship!</h4>
<% end %>