Rails - 限制用户免于遵循自己

Question

我有一个下面的系统，如果params[:id]与当前用户的相同，我想限制用户控制器操作'upol'。

我使用cancancan（最新的Cancan Gem）来做我的授权工作。

控制器/用户_controller.rb

def follow
  Followership.create(leader_id: params[:id], follower_id: current_user.id)
  ...
end

.

models / user.rb

class User < ActiveRecord::Base
  has_many :followers, :class_name => 'Followership', dependent: :destroy
  has_many :followed_by, :class_name => 'Followership', dependent: :destroy
  ...
end

.

models / metuelters.rb

class Followership < ActiveRecord::Base
  belongs_to :leader, :class_name => 'User'
  belongs_to :follower, :class_name => 'User'
  ...
end

.

Answer 1

在Followship模型上添加验证：

class Followership < ActiveRecord::Base
  belongs_to :leader, :class_name => 'User'
  belongs_to :follower, :class_name => 'User'

  validate :doesnt_follow_self

  private

  def doesnt_follow_self
    errors.add(:base, 'You can\'t follow yourself') if leader == follower
  end
end

.

Answer 2

也许您可以使用验证：

#app/models/followership.rb
Class FollowerShip < ActiveRecord::Base
  include ActiveModel::Validations

  ...
  validates_with FollowValidator
end

#app/validators/follow_validator.rb
class FollowValidator < ActiveModel::Validator
  def validate(record)
    if record.leader_id == record.follower_id
      record.errors[:leader_id] << "Sorry, you can't follow yourself!"
    end
  end
end

.

---

我是在@BroiStatse发布

时的一半