Rails 4:如何禁用编辑、销毁等, [英] Rails 4 : How to disable the Edit, Destroy etc,
问题描述
我可以禁用 Rails 中的Edit"和Destory"吗?例如,如果我想对所有人禁用Edit",我在 test_controller.rb 中做什么?还是别的什么?我是 Rails 新手,提前致谢!
Can I disable the "Edit" and "Destory" in the Rails ?for example, if I want to disable the "Edit" for everyone,what show I do in the test_controller.rb ? or anything else? I am new to Rails, thanks in advance!
class BooksController < ApplicationController
before_action :set_book, only: [:show, :edit, :update,:destroy ]
# GET /books
# GET /books.json
def index
@books = Book.all
end
# GET /books/1
# GET /books/1.json
def show
end
# GET /books/new
def new
@book = Book.new
end
# GET /books/1/edit
def edit
end
# POST /books
# POST /books.json
def create
@book = Book.new(book_params)
respond_to do |format|
if @book.save
format.html { redirect_to @book, notice: 'Book was successfully created.' }
format.json { render :show, status: :created, location: @book }
else
format.html { render :new }
format.json { render json: @book.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /books/1
# PATCH/PUT /books/1.json
def update
respond_to do |format|
if @book.update(book_params)
format.html { redirect_to @book, notice: 'Book was successfully updated.' }
format.json { render :show, status: :ok, location: @book }
else
format.html { render :edit }
format.json { render json: @book.errors, status: :unprocessable_entity }
end
end
end
# DELETE /books/1
# DELETE /books/1.json
def destroy
@book.destroy
respond_to do |format|
format.html { redirect_to books_url, notice: 'Book was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_book
@book = Book.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def book_params
params.require(:book).permit(:name, :author, :price)
end
end
<小时>
`Rails.application.routes.draw do
resources :books
root :to => "home#index"
get 'home/index'
end`
推荐答案
您可以限制 restful 路由,使 edit
和 destroy
操作无法访问.
You can restrict the restful routes to make edit
and destroy
actions inaccessible.
在你的 routes.rb 中,
In your routes.rb,
resources :books, except: [:edit, :destroy]
请参阅:http://guides.rubyonrails.org/routing.html#restricting-the-routes-created
编辑
如果你想保持 RESTful 路由(这样你就不必修改视图中的代码),你可以在控制器中使用 before_action 来重定向用户.
If you want to keep to the RESTful routes (so that you don't have to modify code in your views), you can use before_action in controller to redirect users.
before_action :redirect_user, only: [:edit,:destroy]
def redirect_user
redirect_to root_path
end
当您想根据某些条件限制对某些操作的访问时,通常会使用这种方法.
This approach is generally used when you want to restrict access to certain actions based on some condition.
例如,如果您只希望管理员编辑和删除书籍,您可以在 redirect_user
中设置条件,以检查当前用户是否为管理员并重定向非管理员用户.
For example, if you want only admins to edit and remove books, you can have condition inside redirect_user
that checks if current user is admin or not and redirects non-admin users.
这篇关于Rails 4:如何禁用编辑、销毁等,的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!