添加针对博客撰写、编辑、删除功能的权限控制

This commit is contained in:
meganchen15 2016-01-08 19:09:49 +08:00
parent e2d8649aae
commit 133bb03350
4 changed files with 10 additions and 7 deletions

View File

@ -2,7 +2,7 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
helper_method :current_user, :is_logined?, :current_user_is_admin?, :get_categories_options, :current_user_can_star?,
helper_method :current_user, :is_logined?, :current_user_is_admin?, :current_user_is_author?, :get_categories_options, :current_user_can_star?,
:current_user_can_edit_comment?, :markdown_parser
rescue_from Exception, with: :error_500 unless Rails.env.development?
@ -23,6 +23,10 @@ class ApplicationController < ActionController::Base
@current_user && @current_user.admin
end
def current_user_is_author?(article)
@current_user.id == article.user_id
end
def current_user_can_star?(article)
return false unless @current_user
!article.article_stars.find_by(user_id: @current_user.id).present?

View File

@ -1,5 +1,5 @@
class ArticlesController < ApplicationController
before_filter :check_current_user_is_admin, only: [:new, :create, :edit, :update]
# before_filter :check_current_user_is_admin, only: [:new, :create, :edit, :update]
before_filter :article, only: [:show, :edit, :update, :destroy, :star]
def index

View File

@ -4,7 +4,7 @@
- if @article.source.empty?
[原创]
= @article.title
- if current_user_is_admin?
-if current_user_is_author?(@article) || current_user_is_admin?
= link_to edit_article_path(@article) do
%span.icon.icon-edit
= link_to article_path(@article), method: 'delete', "data-confirm"=> "确定删除吗?" do

View File

@ -33,9 +33,8 @@
= gravatar_image_tag @current_user.email, size: 100, alt: @current_user.nickname, gravatar: {default: 'https://secure.gravatar.com/avatar/08f077ea061585744ee080824f5a8e65.png?r=PG&d=identicon&s=64'}
%li
= link_to '设置', set_blogs_path
- if current_user_is_admin?
%li
= link_to '写博客', new_article_path
%li
= link_to '写博客', new_article_path
%li
= link_to '退出', logout_path
.navbar-header.navbar-avatar
@ -63,4 +62,4 @@
//$('.dropdown-toggle').dropdown('toggle')
});
$('.dropdown-toggle').dropdown();
});
});