为什么我在使用friendly_id时不能再编辑和销毁我的引脚?
我相信我从friendly_id github页面正确地遵循了所有步骤。 我知道它有效,因为它将我的URL从/ 1更改为/ sample-url。 然而,问题是我无法编辑和销毁我已更改url的引脚。
我希望有人可以帮我解决这个问题。 谢谢!
/pins_controller.rb
class PinsController params[:page], :per_page => 8) respond_with(@pins) end def show respond_with(@pin) end def new @pin = current_user.pins.build respond_with(@pin) end def edit end def create @pin = current_user.pins.build(pin_params) if @pin.save redirect_to @pin, notice: "Pin was successfully created." else render action: "new" end end def update if @pin.update(pin_params) redirect_to @pin, notice: "Pin was successfully updated." else render action: "edit" end end def destroy @pin.destroy respond_with(@pin) end def upvote @pin = Pin.find(params[:id]) @pin.upvote_by current_user redirect_to :back end def downvote @pin = Pin.find(params[:id]) @pin.downvote_from current_user redirect_to :back end private def set_pin @pin = Pin.friendly.find(params[:id]) end def correct_user @pin = current_user.pins.find_by(id: params[:id]) redirect_to pins_path, notice: "Not authorized to edit this pin" if @pin.nil? end def pin_params params.require(:pin).permit(:description, :image) end end /pin.rb
class Pin { :medium => '300x300>', :thumb => '100x100>' } validates_attachment_content_type :image, :content_type => ["image/jpg", "image/jpeg", "image/png"] validates :image, presence: true validates :description, presence: true extend FriendlyId friendly_id :description, use: :slugged end
罪魁祸首是@pin = current_user.pins.find_by(id: params[:id]) 。
请注意,对于编辑,更新和销毁操作,您将获取两次引脚。 一旦进入set_pin ,一次进入correct_user 。 在correct_user ,您只需要检查@pin.user_id == current_user.id 。
此外,您现在拥有它的方式,您在authenticate_user!的用户身份authenticate_user! 最后运行,如果未经身份validation的用户向编辑操作提交请求,则会导致错误。
class PinsController < ApplicationController #authenticate_user! must go first before_action :authenticate_user!, except: [:index, :show] before_action :set_pin, only: [:show, :edit, :update, :destroy] before_action :correct_user, only: [:edit, :update, :destroy] respond_to :html .... your actions here private def set_pin @pin = Pin.friendly.find(params[:id]) end def correct_user unless @pin.user_id == current_user.id redirect_to pins_path, notice: "Not authorized to edit this pin" #you must return false to halt false end end def pin_params params.require(:pin).permit(:description, :image) end end