1

我无法解决permission.rb 上的这个语法错误。它说它需要一个额外的“结束”,但是当我添加它时,Safari 无法加载页面。我在这两个文件上尝试了几种不同的方法,似乎都没有。有任何想法吗?

错误:

    SyntaxError in UsersController#new

/Users/lexi87/dating/app/controllers/application_controller.rb:20: syntax error, unexpected keyword_end, expecting end-of-input
Rails.root: /Users/lexi87/dating

Application Trace | Framework Trace | Full Trace
app/controllers/users_controller.rb:1:in `<top (required)>'

permission.rb(没有额外的“结束”):

class Permission < Struct.new(:user)
  def allow?(controller, action)
    if user.nil?
      controller == "galleries" && action.in?(%w[index show])
    elsif user.admin?
      true
    else
      controller == "galleries" && action != "destroy"
    end
  end

应用程序控制器:

class ApplicationController < ActionController::Base
  protect_from_forgery

private

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user

  def current_permission
    @current_permission || ::Permission.new(current_user)
  end
end
  def authorize
    if !current_permission.allow?(params[:controller], params[:action])
      redirect_to root_url, alert: "Not authorized."
    end
  end
end

更新

Here's my users_controller:

class UsersController < ApplicationController
  before_filter :authorize

  def new
    @user = User.new
  end

  def profile
    @profile = User.profile
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      UserMailer.registration_confirmation(@user).deliver
      session[:user_id] = @user.id
      redirect_to root_url, notice: "Thank you for signing up!"
    else
      render "new"
    end
  end

  def show
    @user = User.find(params[:id])
  end

    def edit
      @user = User.find(params[:id])
end

  def index
    @users = User.all
  end

  def destroy
     User.find(params[:id]).destroy
     flash[:success] = "User deleted."
     redirect_to users_url
   end

def update
    @user = User.find(params[:id])
    if @user.update_attributes(params[:user])
      flash[:success] = "Account updated"
      redirect_to @user
      authorize! :update, @user
    else
      render 'edit'
    end
end
end
4

3 回答 3

1

看起来您需要end在 permission.rb 中使用另一个,并且需要在 application_controller.rb 中移动一个:

class ApplicationController < ActionController::Base
  protect_from_forgery

private

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user

  def current_permission
    @current_permission || ::Permission.new(current_user)
  end
end  # this shouldn't be here
  def authorize
    if !current_permission.allow?(params[:controller], params[:action])
      redirect_to root_url, alert: "Not authorized."
    end
  end
# it should be here
于 2013-03-14T16:12:58.290 回答
0

您不必关闭private关键字。

end之后_

def current_permission

没有必要 !

于 2013-03-14T16:13:17.613 回答
0

更正

1.

你绝对需要end在末尾permission.rb

2.

您不需要和端到端的私有部分ApplicationController。private 关键字下方的所有内容都被视为“私有”。所以你需要移动“授权”方法。

解决方案

所以完整的代码是(将一种方法移动到“公共”中):

权限.rb:

class Permission < Struct.new(:user)
  def allow?(controller, action)
    if user.nil?
      controller == "galleries" && action.in?(%w[index show])
    elsif user.admin?
      true
    else
      controller == "galleries" && action != "destroy"
    end
  end
end

应用程序控制器:

class ApplicationController < ActionController::Base
  protect_from_forgery

  def authorize
    if !current_permission.allow?(params[:controller], params[:action])
      redirect_to root_url, alert: "Not authorized."
    end
  end

private

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user

  def current_permission
    @current_permission || ::Permission.new(current_user)
  end

end
于 2013-03-14T16:14:58.037 回答