Rails - 限制用户免于遵循自己
-
20-12-2019 - |
题
我有一个下面的系统,如果params[:id]
与当前用户的相同,我想限制用户控制器操作'upol'。
我使用cancancan(最新的Cancan Gem)来做我的授权工作。
控制器/用户_controller.rb
def follow
Followership.create(leader_id: params[:id], follower_id: current_user.id)
...
end
.
models / user.rb
class User < ActiveRecord::Base
has_many :followers, :class_name => 'Followership', dependent: :destroy
has_many :followed_by, :class_name => 'Followership', dependent: :destroy
...
end
.
models / metuelters.rb
class Followership < ActiveRecord::Base
belongs_to :leader, :class_name => 'User'
belongs_to :follower, :class_name => 'User'
...
end
. 解决方案
在Followship
模型上添加验证:
class Followership < ActiveRecord::Base
belongs_to :leader, :class_name => 'User'
belongs_to :follower, :class_name => 'User'
validate :doesnt_follow_self
private
def doesnt_follow_self
errors.add(:base, 'You can\'t follow yourself') if leader == follower
end
end
. 其他提示
也许您可以使用验证:
#app/models/followership.rb
Class FollowerShip < ActiveRecord::Base
include ActiveModel::Validations
...
validates_with FollowValidator
end
#app/validators/follow_validator.rb
class FollowValidator < ActiveModel::Validator
def validate(record)
if record.leader_id == record.follower_id
record.errors[:leader_id] << "Sorry, you can't follow yourself!"
end
end
end
.
我是在@BroiStatse
发布
不隶属于 StackOverflow