Rails 4 with Pundit & Statesman gem - 对象处于某个状态时的策略
Rails 4 with Pundit & Statesman gem - policy when an object is in a state
我正在尝试在 Rails 4.
中制作一个应用程序
我正在尝试使用政治家 gem 来描述状态,然后使用专家来描述政策。
我的 gem 文件有:
gem 'statesman', '~> 1.3', '>= 1.3.1'
gem 'pundit'
我有一个文章模型和一个文章转换模型以及一个 article_state_machine 模型。
我的 objective 是在我的文章策略中定义一个发布策略(使用 pundit),它允许拥有文章的用户发布处于 'approved' 状态的文章。
我正在我的专家文章政策中尝试这样做:
class ArticlePolicy < ApplicationPolicy
def publish?
user.present? && user == article.user
# if requires approval, then approved
# and article.in_state(:approve) - why doesnt this work - see statesman docs?
# user && user.article.exists?(article.id)
end
end
当我尝试检查文章是否处于 :approve 状态(如上文注释)时,我收到一条错误消息,指出未定义的方法 'in_state'。
如何在策略中使用状态机?还是该策略允许用户随时发布,但您仅在文章处于批准状态时才在文章显示页面上显示按钮(尽管我认为这是专家的观点)。
Article.rb
class Article < ActiveRecord::Base
include Statesman::Adapters::ActiveRecordQueries
has_many :transitions, class_name: "ArticleTransition", autosave: false
def state_machine
@state_machine ||= ArticleStateMachine.new(self, transition_class: ArticleTransition, association_name: :transitions)
end
# delegate :can_transition_to?. :trans
# def reindex_articles
# article.reindex_async
# end
private
def self.transition_name
:transitions
end
def self.transition_class
ArticleTransition
end
def self.initial_state
# ArticleTransition.initial_state
:draft
end
end
文章状态机模型:
class ArticleStateMachine
include Statesman::Machine
state :draft, initial: :true #while author is drafting
state :review #while approver comments are being addressed (really still in draft)
state :reject # not suitable for publication
state :approve # suitable for publication
state :publish #published
state :remove # destroyed
# state :spotlight
transition from: :draft, to: [:reject, :approve, :publish, :remove]
# transition from: :review, to: [:rejected, :approved, :removed]
transition from: :reject, to: [:draft, :remove]
transition from: :approve, to: [:publish, :remove]
transition from: :publish, to: :remove
end
文章过渡模型:
class ArticleTransition < ActiveRecord::Base
include Statesman::Adapters::ActiveRecordTransition
belongs_to :article, inverse_of: :article_transitions
end
文章负责人:
def approve
article = Article.find(params[:id])
if article.state_machine.transition_to!(:approve)
flash[:notice] = "This article has been approved for publication"
redirect_to action: :show, id: article_id
# add mailer to send message to article owner that article has been approved
else
flash[:error] = "You're not able to approve this article"
redirect_to action: :show, id: article_id
end
end
def publish
article = Article.find(params[:id])
authorize @article
if article.state_machine.transition_to!(:publish)
redirect_to action: :show, id: article_id
# how do you catch the date the state became published?
else
flash[:error] = "You're not able to publish this article"
redirect_to action: :show, id: article_id
end
end
谁能看出我做错了什么?
整个文章控制器有:
class ArticlesController < ApplicationController
before_action :set_article, only: [:show, :edit, :update, :destroy, :reject, :approve, :publish, :remove]
before_action :authenticate_user!, except: [:index, :show, :search, :reject, :approve, :publish, :remove]
respond_to :html, :json
# GET /articles
# GET /articles.json
def index
@articles = policy_scope(Article)
# query = params[:query].presence || "*"
# @articles = Article.search(query)
end
# def index
# if params[:query].present?
# @books = Book.search(params[:query], page: params[:page])
# else
# @books = Book.all.page params[:page]
# end
# end
# GET /articles/1
# GET /articles/1.json
def show
end
# GET /articles/new
def new
@article = Article.new
@article.comments.build
end
# GET /articles/1/edit
def edit
authorize @article
end
# POST /articles
# POST /articles.json
def create
# before_action :authenticate_user!
# authorize @article
@article = current_user.articles.new(article_params)
respond_to do |format|
if @article.save
format.html { redirect_to(@article) }
format.json { render :show, status: :created, location: @article }
else
format.html { render :new }
format.json { render json: @article.errors, status: :unprocessable_entity }
end
end
end
def search
if params[:search].present?
@articless = Article.search(params[:search])
else
@articles = Articles.all
end
end
# PATCH/PUT /articles/1
# PATCH/PUT /articles/1.json
def update
# before_action :authenticate_user!
authorize @article
respond_to do |format|
# if @article.update(article_params)
# format.json { render :show, status: :ok, location: @article }
# else
# format.html { render :edit }
# format.json { render json: @article.errors, status: :unprocessable_entity }
# end
# end
if @article.update(article_params)
format.html { redirect_to(@article) }
format.json { render :show, status: :ok, location: @article }
else
format.json { render json: @article.errors, status: :unprocessable_entity }
end
format.html { render :edit }
end
end
# DELETE /articles/1
# DELETE /articles/1.json
def destroy
before_action :authenticate_user!
authorize @article
@article.destroy
respond_to do |format|
format.json { head :no_content }
end
end
# def review
# article = Article.find(params[:id])
# if article.state_machine.transition_to!(:review)
# flash[:notice] = "Comments on this article have been made for your review"
# redirect_to action: :show, id: article_id
# else
# flash[:error] = "You're not able to review this article"
# redirect_to action: :show, id: article_id
# end
# end
def reject
end
def approve
article = Article.find(params[:id])
if article.state_machine.transition_to!(:approve)
flash[:notice] = "This article has been approved for publication"
redirect_to action: :show, id: article_id
# add mailer to send message to article owner that article has been approved
else
flash[:error] = "You're not able to approve this article"
redirect_to action: :show, id: article_id
end
end
def publish
article = Article.find(params[:id])
if article.state_machine.transition_to!(:publish)
redirect_to action: :show, id: article_id
# how do you catch the date the state became published?
else
flash[:error] = "You're not able to publish this article"
redirect_to action: :show, id: article_id
end
end
def remove
article = Article.find(params[:id])
if article.state_machine.transition_to!(:remove)
redirect_to root_path
else
flash[:error] = "You're not able to destroy this article"
redirect_to action: :show, id: article_id
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_article
@article = Article.find(params[:id])
authorize @article
end
# Never trust parameters from the scary internet, only allow the white list through.
def article_params
params.require(:article).permit(:body, :title, :image, :tag_list,
comment_attributes: [:opinion])
end
end
When I try to check if the article is in state :approve (as commented
out above), I get an error message that says undefined method
'in_state'.
您是否尝试过将政策中的 article.in_state?(:approve) 更改为 article.state_machine.in_state?(:approve)?。
您遗漏了方法末尾的 ?:
in_state 方法实际上是一个 class 方法,其行为类似于作用域。
你需要使用in_state?方法,它是一个实例方法,像这样:
article.state_machine.in_state?(:approve)
您使用的 statesman gem 版本没有 in_state? 定义。您可以更新 gem。或者您可以使用 smallbuttoncom
链接的类似代码自己定义它
但是,对于您的情况,一个简单的检查就足够了。在您的政策中尝试以下代码
article.state_machine.current_state == "approve"
希望对您有所帮助。
我正在尝试在 Rails 4.
中制作一个应用程序我正在尝试使用政治家 gem 来描述状态,然后使用专家来描述政策。
我的 gem 文件有:
gem 'statesman', '~> 1.3', '>= 1.3.1'
gem 'pundit'
我有一个文章模型和一个文章转换模型以及一个 article_state_machine 模型。
我的 objective 是在我的文章策略中定义一个发布策略(使用 pundit),它允许拥有文章的用户发布处于 'approved' 状态的文章。
我正在我的专家文章政策中尝试这样做:
class ArticlePolicy < ApplicationPolicy
def publish?
user.present? && user == article.user
# if requires approval, then approved
# and article.in_state(:approve) - why doesnt this work - see statesman docs?
# user && user.article.exists?(article.id)
end
end
当我尝试检查文章是否处于 :approve 状态(如上文注释)时,我收到一条错误消息,指出未定义的方法 'in_state'。
如何在策略中使用状态机?还是该策略允许用户随时发布,但您仅在文章处于批准状态时才在文章显示页面上显示按钮(尽管我认为这是专家的观点)。
Article.rb
class Article < ActiveRecord::Base
include Statesman::Adapters::ActiveRecordQueries
has_many :transitions, class_name: "ArticleTransition", autosave: false
def state_machine
@state_machine ||= ArticleStateMachine.new(self, transition_class: ArticleTransition, association_name: :transitions)
end
# delegate :can_transition_to?. :trans
# def reindex_articles
# article.reindex_async
# end
private
def self.transition_name
:transitions
end
def self.transition_class
ArticleTransition
end
def self.initial_state
# ArticleTransition.initial_state
:draft
end
end
文章状态机模型:
class ArticleStateMachine
include Statesman::Machine
state :draft, initial: :true #while author is drafting
state :review #while approver comments are being addressed (really still in draft)
state :reject # not suitable for publication
state :approve # suitable for publication
state :publish #published
state :remove # destroyed
# state :spotlight
transition from: :draft, to: [:reject, :approve, :publish, :remove]
# transition from: :review, to: [:rejected, :approved, :removed]
transition from: :reject, to: [:draft, :remove]
transition from: :approve, to: [:publish, :remove]
transition from: :publish, to: :remove
end
文章过渡模型:
class ArticleTransition < ActiveRecord::Base
include Statesman::Adapters::ActiveRecordTransition
belongs_to :article, inverse_of: :article_transitions
end
文章负责人:
def approve
article = Article.find(params[:id])
if article.state_machine.transition_to!(:approve)
flash[:notice] = "This article has been approved for publication"
redirect_to action: :show, id: article_id
# add mailer to send message to article owner that article has been approved
else
flash[:error] = "You're not able to approve this article"
redirect_to action: :show, id: article_id
end
end
def publish
article = Article.find(params[:id])
authorize @article
if article.state_machine.transition_to!(:publish)
redirect_to action: :show, id: article_id
# how do you catch the date the state became published?
else
flash[:error] = "You're not able to publish this article"
redirect_to action: :show, id: article_id
end
end
谁能看出我做错了什么?
整个文章控制器有:
class ArticlesController < ApplicationController
before_action :set_article, only: [:show, :edit, :update, :destroy, :reject, :approve, :publish, :remove]
before_action :authenticate_user!, except: [:index, :show, :search, :reject, :approve, :publish, :remove]
respond_to :html, :json
# GET /articles
# GET /articles.json
def index
@articles = policy_scope(Article)
# query = params[:query].presence || "*"
# @articles = Article.search(query)
end
# def index
# if params[:query].present?
# @books = Book.search(params[:query], page: params[:page])
# else
# @books = Book.all.page params[:page]
# end
# end
# GET /articles/1
# GET /articles/1.json
def show
end
# GET /articles/new
def new
@article = Article.new
@article.comments.build
end
# GET /articles/1/edit
def edit
authorize @article
end
# POST /articles
# POST /articles.json
def create
# before_action :authenticate_user!
# authorize @article
@article = current_user.articles.new(article_params)
respond_to do |format|
if @article.save
format.html { redirect_to(@article) }
format.json { render :show, status: :created, location: @article }
else
format.html { render :new }
format.json { render json: @article.errors, status: :unprocessable_entity }
end
end
end
def search
if params[:search].present?
@articless = Article.search(params[:search])
else
@articles = Articles.all
end
end
# PATCH/PUT /articles/1
# PATCH/PUT /articles/1.json
def update
# before_action :authenticate_user!
authorize @article
respond_to do |format|
# if @article.update(article_params)
# format.json { render :show, status: :ok, location: @article }
# else
# format.html { render :edit }
# format.json { render json: @article.errors, status: :unprocessable_entity }
# end
# end
if @article.update(article_params)
format.html { redirect_to(@article) }
format.json { render :show, status: :ok, location: @article }
else
format.json { render json: @article.errors, status: :unprocessable_entity }
end
format.html { render :edit }
end
end
# DELETE /articles/1
# DELETE /articles/1.json
def destroy
before_action :authenticate_user!
authorize @article
@article.destroy
respond_to do |format|
format.json { head :no_content }
end
end
# def review
# article = Article.find(params[:id])
# if article.state_machine.transition_to!(:review)
# flash[:notice] = "Comments on this article have been made for your review"
# redirect_to action: :show, id: article_id
# else
# flash[:error] = "You're not able to review this article"
# redirect_to action: :show, id: article_id
# end
# end
def reject
end
def approve
article = Article.find(params[:id])
if article.state_machine.transition_to!(:approve)
flash[:notice] = "This article has been approved for publication"
redirect_to action: :show, id: article_id
# add mailer to send message to article owner that article has been approved
else
flash[:error] = "You're not able to approve this article"
redirect_to action: :show, id: article_id
end
end
def publish
article = Article.find(params[:id])
if article.state_machine.transition_to!(:publish)
redirect_to action: :show, id: article_id
# how do you catch the date the state became published?
else
flash[:error] = "You're not able to publish this article"
redirect_to action: :show, id: article_id
end
end
def remove
article = Article.find(params[:id])
if article.state_machine.transition_to!(:remove)
redirect_to root_path
else
flash[:error] = "You're not able to destroy this article"
redirect_to action: :show, id: article_id
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_article
@article = Article.find(params[:id])
authorize @article
end
# Never trust parameters from the scary internet, only allow the white list through.
def article_params
params.require(:article).permit(:body, :title, :image, :tag_list,
comment_attributes: [:opinion])
end
end
When I try to check if the article is in state :approve (as commented out above), I get an error message that says undefined method 'in_state'.
您是否尝试过将政策中的 article.in_state?(:approve) 更改为 article.state_machine.in_state?(:approve)?。
您遗漏了方法末尾的 ?:
in_state 方法实际上是一个 class 方法,其行为类似于作用域。
你需要使用in_state?方法,它是一个实例方法,像这样:
article.state_machine.in_state?(:approve)
您使用的 statesman gem 版本没有 in_state? 定义。您可以更新 gem。或者您可以使用 smallbuttoncom
但是,对于您的情况,一个简单的检查就足够了。在您的政策中尝试以下代码
article.state_machine.current_state == "approve"
希望对您有所帮助。