0

所以,我希望用户能够发表评论。目前,任何人都可以通过在名称字段中输入任意名称来发表评论。

但我想将评论与用户相关联。因此,评论表单中不再需要名称字段,因为它将是用户名。

如何才能做到这一点?

我关注了 Ryan Bates railscast,但他从不将评论与用户联系起来。

评论控制器.rb

class CommentsController < ApplicationController
  before_action :set_comment, only: [:show, :edit, :update, :destroy]


  def index
    @comments = Comment.where("song_id IS NOT ?", nil)
  end

  def show
  end

  # GET /comments/new
  def new
  end

  # GET /comments/1/edit
  def edit
  end

  # POST /comments
  # POST /comments.json
  def create
    @comment = Comment.new(comment_params)    

    respond_to do |format|
      if @comment.save
        format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.'  }
        format.json { render action: 'show', status: :created, location: @comment}
      else
        format.html { render action: 'new' }
        format.json { render json: @comment.errors, status: :unprocessable_entity }
      end
    end
  end


  # PATCH/PUT /comments/1
  # PATCH/PUT /comments/1.json
  def update
    respond_to do |format|
      if @comment.update(comment_params)
        format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: 'edit' }
        format.json { render json: @comment.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /comments/1
  # DELETE /comments/1.json
  def destroy
    @comment.destroy
      redirect_to song_url(@comment.song_id)
    end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_comment
      @comment = Comment.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def comment_params
      params.require(:comment).permit(:song_id, :author_name, :site_url, :content, :user_id)
    end
end

用户.rb

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable,
  # :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  has_many :songs
  has_many :comments

  acts_as_voter

end

评论.rb

class Comment < ActiveRecord::Base

  belongs_to :user
  belongs_to :song
end

评论#form.html.erb

<%= form_for @comment do |f| %>
  <% if @comment.errors.any? %>
    <div id="error_explanation">
      <h2><%= pluralize(@comment.errors.count, "error") %> prohibited this comment from being saved:</h2>

      <ul>
      <% @comment.errors.full_messages.each do |msg| %>
        <li><%= msg %></li>
      <% end %>
      </ul>
    </div>
  <% end %>


    <div id="comment_form">
  <div class="field">
     <%= f.hidden_field :song_id %>
      <p>
        <%= f.text_field :author_name, placeholder: "Name"  %>
      </p>

      <p>
        <%= f.text_area :content, :rows => '12', :cols => 35, placeholder: "Leave a comment..."  %>
      </p>
      <p><%= f.submit "Submit" %></p>
    <% end %>
    <br /><br />

    </div></div>
4

1 回答 1

1

如果还没有,您的Comment表应该有一个名为的列。user_id然后,您可以分配user_id两种不同的方式。这些假设你有一个current_user方法。如果您不这样做,那么您将不得不从您正在使用的任何会话存储或方法中填写 user_id。

您可以在表单中创建一个 hidden_​​field 来分配它。

<%= f.hidden_field :user_id, value: current_user.id %>

但正如@rmagnum2002 所指出的,这可能是一个安全问题,因为用户可以编辑它。

您可以在创建操作期间分配它:

def create
  @comment = Comment.new(comment_params)
  @comment.user_id = current_user.id

  respond_to do |format|
    if @comment.save
      format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.'  }
      format.json { render action: 'show', status: :created, location: @comment}
    else
      format.html { render action: 'new' }
      format.json { render json: @comment.errors, status: :unprocessable_entity }
    end
  end
end

在控制器创建操作中分配它可能是最好的。

于 2013-08-01T03:08:18.143 回答