我知道這是一個愚蠢的,但我想知道我們如何創建一個current_user方法來訪問整個應用程序,而無需使用任何寶石或插件?爲了測試我創建了一個應用程序,使用戶能夠共享文件和folders.How創造這樣的方法,一個用戶只能訪問自己的文件夾和文件,這是我的代碼示例:如何在不使用任何寶石或插件的情況下創建當前用戶方法?
登錄控制器:
class LoginController < ApplicationController
layout 'signup'
#to skip checking the authentication and authorization.
skip_before_filter :check_authentication, :check_authorization
def index
end
def authenticate
if request.post?
user = User.authenticate(params[:username],params[:password])
if user
session[:current_user_id]=user.id
session[:name]= user.first_name
puts "session name #{session[:name]}"
redirect_to(:subdomain => user.company.subdomain, :controller => :dashboard)
else
flash.now[:notice] = "Invalid user/password combination"
end
end
end
def destroy
session[:current_user_id] = nil
reset_session
flash[:notice] = "You have been successfully logged out."
redirect_to root_url
end
end
用戶模式:
require 'digest/sha1'
class User < ActiveRecord::Base
#sharering method start
after_create :check_and_assign_shared_ids_to_shared_folders
#this is to make sure the new user ,of which the email addresses already used to share folders by others, to have access to those folders
def check_and_assign_shared_ids_to_shared_folders
#First checking if the new user's email exists in any of ShareFolder records
shared_folders_with_same_email = SharedFolder.find_all_by_shared_email(self.email)
if shared_folders_with_same_email
#loop and update the shared user id with this new user id
shared_folders_with_same_email.each do |shared_folder|
shared_folder.shared_user_id = self.id
shared_folder.save
end
end
end
#to check if a user has acess to this specific folder
def has_share_access?(folder)
#has share access if the folder is one of one of his own
return true if self.folders.include?(folder)
#has share access if the folder is one of the shared_folders_by_others
return true if self.shared_folders_by_others.include?(folder)
#for checking sub folders under one of the being_shared_folders
return_value = false
folder.ancestors.each do |ancestor_folder|
return_value = self.being_shared_folders.include?(ancestor_folder)
if return_value #if it's true
return true
end
end
return false
end
#sharing method end
def self.authenticate(name, password)
user = self.find_by_username(name)
if user
expected_password = encrypt_password(password, user.salt)
if user.hashed_password != expected_password
user = nil
end
end
user
end
#'password' is a virtual attribute
def password
@password
end
def password= (pwd)
@password =pwd
return if pwd.blank?
create_new_salt
self.hashed_password = User.encrypt_password(self.password, self.salt)
end
def self.users_in_company(user_id)
User.find(user_id).company.users
end
private
def password_non_blank
errors.add(:password, "Missing password, please enter your password") if hashed_password.blank?
end
def create_new_salt
self.salt = self.object_id.to_s + rand.to_s
end
def self.encrypt_password(password, salt)
string_to_hash = password +"prftnxt" + salt
Digest::SHA1.hexdigest(string_to_hash)
end
end
我要訪問的所有文件,「current_user.files」是有可能沒有任何寶石?
應用助手:
module ApplicationHelper
#for current user to use through out the app
def current_user
@current_user ||= session[:current_user_id] && User.find_by_id(session[:current_user_id]) # Use find_by_id to get nil instead of an error if user doesn't exist
end
end
應用控制器:
class ApplicationController < ActionController::Base
include UrlHelper
#include ApplicationHelper
helper_method :current_user #make this method available in views
protect_from_forgery
# def current_user
# @current_user ||= session[:current_user_id] && User.find_by_id(session[:current_user_id]) # Use find_by_id to get nil instead of an error if user doesn't exist
# end
end
和任務控制器:
class TasksController < ApplicationController
# GET /tasks
# GET /tasks.xml
def index
@menu = "Timesheet"
@page_name = "Manage Task"
company_id = Company.find_by_subdomain(request.subdomain)
@users = User.find_all_by_company_id(company_id)
@tasks = current_user.tasks.all#Task.all
@task = Task.new
respond_to do |format|
format.html # index.html.erb
format.html # new.html.erb
format.xml { render :xml => @tasks }
end
end
end
和我的錯誤信息,我得到:
NameError in TasksController#index
undefined local variable or method `current_user' for #<TasksController:0xfa7e638>
您好Marian是使用您的代碼,並將我的任務控制器中的方法應用爲「@tasks = current_user.tasks」,然後它會拋出一個錯誤「未定義的方法'任務'」,我錯過了什麼嗎? – Ravindra
你能發佈完整的錯誤信息嗎? –
嗨瑪麗安這裏是我的錯誤信息:在TasksController#指數NameError 爲#未定義的局部變量或方法'CURRENT_USER –
Ravindra