设计/ cancan重定向管理问题 [英] Devise/cancan redirect admin issue
问题描述
class ApplicationController< ActionController :: Base
protect_from_forgery
def after_sign_in_path_for(用户)
如果current_user.admin?
admin_index_path
else
dashboard_index_path
end
end
end
我当前的管理控制器:
class AdminController< ApplicationController
/ pre>
def index
如果current_user.admin?
admin_index_path
else
home_index_path
end
end
end
目标当然是只允许对管理员用户访问管理员索引页面。当我以管理员身份登录时,重定向工作正常,但是当导航到admin_index_path作为非管理员用户(nil:NilClass的未定义方法admin?)时,我在AdminController#index错误中收到NoMethodError。有关这个问题的帮助?我觉得可能有一个CanCan解决方案会更加优雅和安全,但是我还没有找到一个很好的解释说明如何实现。思考?感谢提前!
解决方案使用before_filter
https://github.com/plataformatec/devise#controller-filters-and-helpers
class AdminController< ApplicationController
before_filter:authenticate_user !, only:[:index]
before_filter:is_admin,only:[:index]
def index
end
private
def is_admin
如果user_signed_in?
如果current_user.admin?
true
else
redirect_to home_index_path
end
else
redirect_to login_path
end
end
结束
user_signed_in?
检查用户是否已登录和
current_user.admin?
检查是管理员访问索引
或
def is_admin
如果current_user.nil?
redirect_to login_path
else
如果current_user.admin?
true
else
redirect_to home_index_path
end
end
end
I have a User model with a boolean switch to designate admin t/f. My current application controller:
class ApplicationController < ActionController::Base protect_from_forgery def after_sign_in_path_for(user) if current_user.admin? admin_index_path else dashboard_index_path end end end
My current admin controller:
class AdminController < ApplicationController def index if current_user.admin? admin_index_path else home_index_path end end end
The goal is of course to only allow access to the admin index page to admin users. The redirect works fine when I sign in as admin, but I'm getting a NoMethodError in AdminController#index error when I navigate to admin_index_path as an non-admin user (undefined method `admin?' for nil:NilClass). Help on this issue? I feel like there is probably a CanCan solution that would be more elegant and secure, but I haven't found a good explanation of how to accomplish that. Thoughts? Thanks in advance!
解决方案Use before_filter
https://github.com/plataformatec/devise#controller-filters-and-helpers
class AdminController < ApplicationController before_filter :authenticate_user!, only: [:index] before_filter :is_admin, only: [:index] def index end private def is_admin if user_signed_in? if current_user.admin? true else redirect_to home_index_path end else redirect_to login_path end end end
user_signed_in?
check user have sign in andcurrent_user.admin?
check is admin when access indexor
def is_admin if current_user.nil? redirect_to login_path else if current_user.admin? true else redirect_to home_index_path end end end
这篇关于设计/ cancan重定向管理问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!