Rails - Pundit - 如何检查 current_admin_user?
Rails - Pundit - how to check for current_admin_user?
我正在使用 Pundit 为我的用户模型授权。
我的目标是扩展它以使用我的 AdminUser 模型,特别是我的管理命名空间。
默认情况下,Pundit 检查 "user" 或 "current_user"。我如何根据 Devise 更改此设置以检查 "admin_user" 或 "current_admin_user"?
policies/admin/admin_policy.rb(封闭系统,目前寻找User而不是AdminUser)
class Admin::AdminPolicy
attr_reader :user, :record
def initialize(user, record)
# Must be logged in
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@record = record
end
def index?
false
end
def show?
false
end
def create?
false
end
def new?
create?
end
def update?
false
end
def edit?
update?
end
def destroy?
false
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@scope = scope
end
def resolve
scope.all
end
end
end
policies/admin/home_policy.rb(Admin 命名空间的示例子策略)
class Admin::HomePolicy < Admin::AdminPolicy
def index?
user.present?
end
end
我认为您需要在控制器上定义方法 pundit_user 以对其进行自定义 https://github.com/varvet/pundit#customize-pundit-user
def pundit_user
current_admin_user
end
我正在使用 Pundit 为我的用户模型授权。
我的目标是扩展它以使用我的 AdminUser 模型,特别是我的管理命名空间。
默认情况下,Pundit 检查 "user" 或 "current_user"。我如何根据 Devise 更改此设置以检查 "admin_user" 或 "current_admin_user"?
policies/admin/admin_policy.rb(封闭系统,目前寻找User而不是AdminUser)
class Admin::AdminPolicy
attr_reader :user, :record
def initialize(user, record)
# Must be logged in
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@record = record
end
def index?
false
end
def show?
false
end
def create?
false
end
def new?
create?
end
def update?
false
end
def edit?
update?
end
def destroy?
false
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@scope = scope
end
def resolve
scope.all
end
end
end
policies/admin/home_policy.rb(Admin 命名空间的示例子策略)
class Admin::HomePolicy < Admin::AdminPolicy
def index?
user.present?
end
end
我认为您需要在控制器上定义方法 pundit_user 以对其进行自定义 https://github.com/varvet/pundit#customize-pundit-user
def pundit_user
current_admin_user
end