我正在开发添加用户的页面。表单中有一个复选框，可用来选择管理员或开发人员；然后从列表中为新用户选择一家公司。该公司可以是经销商，也可以不是。开发人员只能属于经销商公司，而既不是管理员也不是开发人员的用户只能属于非经销商公司。我该如何实现这一限制？这是我的 user.rb :
# Account record. The boolean :admin and :developer attributes distinguish the
# roles; every user must reference a company.
class User < ActiveRecord::Base
  # NOTE(review): :admin, :developer, :company_id and :boss_id are all
  # mass-assignable. Any caller that hands raw request params to User.new or
  # update_attributes therefore lets the requester pick these values, whatever
  # the form happens to render. Authorization has to be enforced by the caller.
  attr_accessible :email, :name, :password, :password_confirmation,
                  :developer, :admin, :company_id, :boss_id

  has_many :sent_configuration, class_name: 'Conf', foreign_key: 'developer_id', dependent: :destroy
  has_many :received_configuration, class_name: 'Conf', foreign_key: 'user_id'
  belongs_to :company
  has_secure_password

  # Store e-mail addresses lower-cased so lookups and uniqueness are consistent.
  before_save { |record| record.email = record.email.downcase }
  # Runs on every save, so the token is replaced each time the record is written.
  before_save :create_token

  # NOTE(review): nothing below ties :developer / :admin to the kind of company
  # selected. The rule described in the question would need a server-side
  # validation here; filtering the company list in the form alone can be bypassed.
  validates :company_id, presence: true
  validates :name, presence: true, length: { maximum: 50 }

  # Anchored with \A and \z so the whole string must match, not just one line.
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email,
            presence: true,
            format: { with: VALID_EMAIL_REGEX },
            uniqueness: { case_sensitive: false }

  validates :password, presence: true, length: { minimum: 6 }
  validates :password_confirmation, presence: true

  private

  # Assigns a fresh random URL-safe token from the system CSPRNG.
  def create_token
    self.token = SecureRandom.urlsafe_base64
  end
end
这是我的 newuser.html.erb :
<% provide(:title, 'Invite') %>
<h1>Invite new user</h1>
<div class="row">
<div class="span6 offset3">
<%= form_for @user do |f| %>
<%= render '/shared/error_messages' %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :email %>
<%= f.text_field :email %>
<% if current_user.admin? %>
<%= f.label :developer %>
<%= f.check_box :developer %>
<br /><br />
<%= f.label :admin %>
<%= f.check_box :admin %>
<% end %>
<br /><br />
<%= f.label :company_id %>
<%= f.collection_select :company_id, Company.all , :id, :name_for_form, {:prompt => 'Please select the company of this user'} %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirmation" %>
<%= f.password_field :password_confirmation %>
<%= f.submit "Invite new user", class: "btn btn-large btn-primary" %>
<% end %>
</div>
</div>
这是我的 users_controller.rb :
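# CRUD and listing actions for users.
class UsersController < ApplicationController
  # Attributes that grant privilege. The form only shows them to admins, so the
  # server only accepts them from admins as well.
  PRIVILEGED_ATTRIBUTES = %w[admin developer].freeze

  # Columns kept out of JSON/XML responses: the password hash stored by
  # has_secure_password and the per-user token generated by the model.
  SENSITIVE_COLUMNS = [:password_digest, :token].freeze

  # NOTE(review): newuser and create are not covered by signed_in_user, so an
  # unauthenticated request can still create an ordinary account. Confirm whether
  # that is intended; the invite form itself dereferences current_user.
  before_filter :signed_in_user, only: [:index, :edit, :update, :destroy]
  before_filter :correct_user, only: [:edit, :update]
  before_filter :admin_user, only: :destroy

  # Displays one user, looked up by the :id route parameter.
  def show
    @user = User.find(params[:id])
  end

  # Renders the invitation form with a blank user.
  def newuser
    @user = User.new
  end

  # Creates a user from the submitted form. Role flags are honoured only when
  # the requester is an admin (see permitted_user_params).
  def create
    @user = User.new(permitted_user_params)
    if @user.save
      #sign_in @user
      flash[:success] = "Welcome to the ManusWeb!"
      redirect_to @user
    else
      render 'newuser'
    end
  end

  # Lists non-developer users, paginated, as HTML, JSON or XML.
  def index
    @users = User.where(:developer => false).paginate(page: params[:page])
    respond_to do |format|
      format.html # index.html.erb
      # Serialize without the credential columns so they are never sent to clients.
      format.json { render json: @users.to_a.to_json(except: SENSITIVE_COLUMNS) }
      format.xml  { render xml: @users.to_a.to_xml(except: SENSITIVE_COLUMNS) }
    end
  end

  # Lists developer users, paginated.
  def developers
    @users = User.where(:developer => true).paginate(page: params[:page])
  end

  # Lists the users whose boss_id is the current user, paginated.
  def clients
    @users = User.where(:boss_id => current_user.id).paginate(page: params[:page])
  end

  # Updates the user loaded by correct_user. Without the attribute filter a user
  # editing their own profile could submit user[admin]=1 and promote themselves.
  def update
    if @user.update_attributes(permitted_user_params)
      # Handle a successful update.
      flash[:success] = "Profile updated"
      sign_in @user
      redirect_to @user
    else
      render 'edit'
    end
  end

  # Deletes the user with the given :id; restricted to admins by admin_user.
  def destroy
    User.find(params[:id]).destroy
    flash[:success] = "User deleted"
    redirect_to users_url
  end

  # True when the current user is neither an admin nor a developer.
  # NOTE(review): this is a public controller method, so it may be reachable as
  # an action if a route points at it; confirm and move below `private` if not.
  def client
    !current_user.admin? && !current_user.developer?
  end

  private

  # Returns params[:user] with the privileged attributes removed unless the
  # requester is a signed-in admin. Multiparameter forms of a key ("admin(1i)")
  # are matched by their base name. Non-hash input is passed through unchanged
  # so the model reacts to it exactly as before.
  # NOTE(review): :boss_id and :company_id are still accepted from any requester;
  # decide whether they need the same treatment.
  def permitted_user_params
    attrs = params[:user]
    return attrs if signed_in? && current_user.admin?
    return attrs unless attrs.respond_to?(:reject)

    attrs.reject { |key, _value| PRIVILEGED_ATTRIBUTES.include?(key.to_s.sub(/\(.*/m, '')) }
  end

  # Sends anonymous visitors to the sign-in page, remembering where they were going.
  def signed_in_user
    unless signed_in?
      store_location
      redirect_to signin_url, notice: "Please sign in"
    end
  end

  # Loads @user and rejects the request unless it is the signed-in user's own record.
  def correct_user
    @user = User.find(params[:id])
    redirect_to root_url, notice: "You are not authorized to request this page" unless current_user?(@user)
  end

  # Allows the action only for admins.
  def admin_user
    redirect_to(root_path) unless current_user.admin?
  end
end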