Rails 4:如何禁用编辑、销毁等， [英] Rails 4 : How to disable the Edit, Destroy etc,

问题描述

我可以禁用 Rails 中的Edit"和Destory"吗?例如，如果我想对所有人禁用Edit"，我在 test_controller.rb 中做什么?还是别的什么?我是 Rails 新手，提前致谢！

Can I disable the "Edit" and "Destory" in the Rails ?for example, if I want to disable the "Edit" for everyone,what show I do in the test_controller.rb ? or anything else? I am new to Rails, thanks in advance!

  class BooksController < ApplicationController
  before_action :set_book, only: [:show, :edit, :update,:destroy ]

  # GET /books
  # GET /books.json
  def index
    @books = Book.all
  end

  # GET /books/1
  # GET /books/1.json
  def show
  end

  # GET /books/new
  def new
    @book = Book.new
  end

  # GET /books/1/edit
def edit
end

  # POST /books
  # POST /books.json

  def create
    @book = Book.new(book_params)

    respond_to do |format|
      if @book.save
        format.html { redirect_to @book, notice: 'Book was successfully created.' }
        format.json { render :show, status: :created, location: @book }
      else
        format.html { render :new }
        format.json { render json: @book.errors, status: :unprocessable_entity }
      end
    end
   end


  # PATCH/PUT /books/1
  # PATCH/PUT /books/1.json

  def update
    respond_to do |format|
      if @book.update(book_params)
        format.html { redirect_to @book, notice: 'Book was successfully updated.' }
        format.json { render :show, status: :ok, location: @book }
      else
        format.html { render :edit }
        format.json { render json: @book.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /books/1
  # DELETE /books/1.json
  def destroy
    @book.destroy
    respond_to do |format|
      format.html { redirect_to books_url, notice: 'Book was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_book
      @book = Book.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def book_params
      params.require(:book).permit(:name, :author, :price)
    end
end

<小时>

`Rails.application.routes.draw do
  resources :books

  root :to => "home#index"
  get 'home/index'
end`

推荐答案

您可以限制 restful 路由，使 edit 和 destroy 操作无法访问.

You can restrict the restful routes to make edit and destroy actions inaccessible.

在你的 routes.rb 中，

In your routes.rb,

resources :books, except: [:edit, :destroy]

请参阅:http://guides.rubyonrails.org/routing.html#restricting-the-routes-created

编辑

如果你想保持 RESTful 路由(这样你就不必修改视图中的代码)，你可以在控制器中使用 before_action 来重定向用户.

If you want to keep to the RESTful routes (so that you don't have to modify code in your views), you can use before_action in controller to redirect users.

before_action :redirect_user, only: [:edit,:destroy]

def redirect_user
  redirect_to root_path
end

当您想根据某些条件限制对某些操作的访问时，通常会使用这种方法.

This approach is generally used when you want to restrict access to certain actions based on some condition.

例如，如果您只希望管理员编辑和删除书籍，您可以在 redirect_user 中设置条件，以检查当前用户是否为管理员并重定向非管理员用户.

For example, if you want only admins to edit and remove books, you can have condition inside redirect_user that checks if current user is admin or not and redirects non-admin users.

这篇关于Rails 4:如何禁用编辑、销毁等，的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！