0

我试图允许用户创建项目......一旦用户创建项目......他们将自动关注该项目。(我的应用程序设置允许用户从项目配置文件上的“关注”按钮关注项目)。我希望项目创建者自动关注新项目,而无需单击“关注”按钮。我根据 Bilal 的回答重新排列了我的代码......但现在单击“创建项目”只会刷新“新”视图(没有项目被发布)。我认为这与权威人士的授权有关,但也许有人可以澄清为什么“创建”操作不再起作用......

我的项目模型:

class Project < ActiveRecord::Base
  belongs_to :owner, :foreign_key=>'user_id', :class_name=>'User'

  has_many :reverse_relationships, foreign_key: "followed_id",
                                   class_name: "Relationship",
                                   dependent: :destroy
  has_many :followers, through: :reverse_relationships, source: :follower

  validates :title, presence: true
  validates :background, presence: true
  validates :projectimage, presence: true

  mount_uploader :projectimage, ProjectimageUploader
  attr_accessor :crop_x, :crop_y, :crop_w, :crop_h
  after_update :crop_projectimage

  def crop_projectimage
    projectimage.recreate_versions! if crop_x.present?
  end

  def private?
    self.is_private == true
  end

  def public?
    self.is_private == false
  end
end

关系模型:

class Relationship < ActiveRecord::Base
  belongs_to :follower, class_name: "User"
  belongs_to :followed, class_name: "Project"
  validates :follower_id, presence: true
  validates :followed_id, presence: true

  enum role: [:admin, :collaborator, :visitor]
  after_initialize :set_default_role, :if => :new_record?

  def set_default_role
    self.role ||= :visitor
  end
end

我的项目控制器:

class ProjectsController < ApplicationController
  before_filter :authenticate_user!, only: [:create, :new, :edit, :update, :delete, :followers]

  # CREATES REDIRECT & ALERT MESSAGE WHEN PUNDIT SEES SOMEONE IS NOT AUTHORIZED (via :not_authorized_in_project below)
  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  def new
    @project = Project.new
  end

  def show
    @project = Project.find(params[:id])
    authorize @project, :visit? 
    # @user = User.where(:id => @project.user_id).first
  rescue Pundit::NotAuthorizedError
    flash[:warning] = "You are not authorized to access this page."
    redirect_to project_path || root_path
  end

  def index
    @projects = policy_scope(Project).all
  end

  def create
    @project = current_user.own_projects.build(project_params)
    @project.followers << current_user
    if @project.save
      if params[:project][:projectimage].present?
        render :crop
      else
        flash[:success] = "You've successfully created a Project..."
        redirect_to @project
      end
    else
      render 'new'
    end
  end

  def update
    @project = Project.find(params[:id])
    if @project.update_attributes(project_params)
      if params[:project][:projectimage].present?
        render :crop
      else
        flash[:success] = "Project Created"
        redirect_to @project
      end
    else
      render 'edit'
    end
  end

  def destroy
    User.find(params[:id]).destroy
    flash[:success] = "Project destroyed"
    redirect_to users_path
  end

  def followers
    @title = "Following this Project"
    @project = Project.find(params[:id])
    @project = @project.followers.paginate(page: params[:page])
    render 'show_follow_project'
  end

  private

  def project_params
    params.require(:project).permit(:title, :background, :is_private, :projectimage, :user_id, :crop_x, :crop_y, :crop_w, :crop_h)
  end

  def user_not_authorized
    flash[:warning] = "You are not authorized to access this page."
    redirect_to project_path(@project) || root_path
  end
end

我的用户模型:

class User < ActiveRecord::Base
  has_many :own_projects, :class_name=>'Project'

  has_many :projects
  has_many :relationships, foreign_key: "follower_id", dependent: :destroy

  has_many :followed_projects, through: :relationships, source: :followed
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  def following?(some_project)
   relationships.find_by_followed_id(some_project.id)
  end

  def follow!(some_project)
   self.relationships.create!(followed_id: some_project.id)
  end

  def unfollow!(some_project)
   relationships.find_by_followed_id(some_project.id).destroy
  end

Pundit 项目政策:

class ProjectPolicy < Struct.new(:user, :project)
  class Scope < Struct.new(:user, :scope)
    # SCOPE & RESOLVE METHOD USED TO RESTRICT PROJECTS INDEX TO PUBLIC & THOSE YOU'RE AN ADMIN/COLLAB ON
    def resolve
      followed_project_ids = user.followed_projects.map(&:id)
      public_project_ids = Project.where(:is_private=>false).map(&:id)
      Project.where(:id=>followed_project_ids + public_project_ids)
    end
  end

    def update?
      user.project_admin? || user.project_collaborator?
    end


    # METHOD USED IN PROJECTS_CONTROLLER (SHOW) TO RESTRICT VISITING PRIVATE PROJECT PROFILES TO ADMINS & COLLABS
    def visit?
      user.project_admin?(project) || user.project_collaborator?(project)
    end

end
4

1 回答 1

1

current_user在模型中使用从来都不是一个好主意,请参阅this以供参考。

设置这个东西的任何简单有效的地方都是控制器本身。因此,您可以编写以下代码:

def create
  @project = current_user.own_projects.build(project_params)
  @project.followers << current_user
  if @project.save
    if params[:project][:projectimage].present?
      render :crop
    else
      flash[:success] = "You've successfully created a Project..."
      redirect_to @project
    end
  else
    render 'new'
  end
end
于 2016-03-20T20:40:06.640 回答