当前位置：文江博客话题详情

CanCan 用于共享视图

发布于 2024-12-22 16:55:39 字数 598 浏览 1 评论 0原文

我正在使用 cancan 进行授权。我有一个共享视图，需要根据它是哪个控制器进行授权。

问题是：我共享了部分内容（description.rhtml），它由两个不同的模型（产品和订单）使用。因此，当有人访问

www.example.com/product/1 时 - 描述部分显示有关产品的描述 www.example.com/order/1 - 描述部分显示有关订单的描述

此描述部分上有编辑按钮，以便用户可以编辑它，但条件是

用户在产品/1 页面或
所有者时必须是产品的所有者当用户位于订单/1 页时的订单数量。

我的能力类别检查

用户是否是所有者 - 取决于产品或订单控制器然而在视图中：
```
if（可以吗？：更新，@orders）|| （可以吗？：更新，@product）
<隐藏编辑按钮>
结尾
```
但如果可以呢？ :update, @orders 返回 true 或 false，仅根据该条件显示或隐藏编辑按钮

所以我的问题是如何使用 CanCan 来解决这个问题

希望我很清楚。

原文

I am using cancan for authorization. I have a shared view which need authorize depending on which controller it is.

The problem is:
I have shared partial (description.rhtml) and it is used by two different models (Product and Orders). So when some one go to

www.example.com/product/1 - description section shows description about product
www.example.com/order/1 - description section shows description about order

This description section has edit button on it so the user can edit it but the condition is

the user must be owner of the product when on product/1 page or
owner of order when user is on order/1 page.

My ability class check for

if user is owner or not - depending on product or order controller
However on view:
```
if (can? :update, @orders) || (can? :update, @product)
< hide edit button >
end
```
but if can? :update, @orders return true or false, it show or hides edit button depending on that condition only

So my question is how can make use CanCan to tackle this problem

Hope I was clear.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

茶底世界 2024-12-29 16:55:39

我认为您不应该对产品和订单使用完全相同的部分。

您可能想使用布局：

views/layouts/description.html.erbviews

<div class="description">
    <%= model.description %>
    <!-- other common code... -->
    <div class="actions">
        <%= yield %>
    </div>
</div>

/orders/description.html.erb

<%= render :layout => "layouts/description", :locals => { :model => @order } do %>
    <%= if (can? :update, @order) %>
       your link
    <% end %>
<%= end %>

您不必这样做，但我认为这比在同一个模型中处理多个模型更干净部分的。

旁注：

但是如果可以吗？ :update，@orders 返回 true 或 false，它仅根据该条件显示或隐藏编辑按钮

我不太明白。如果@orders为空，那么可以吗？将返回 false，整个表达式的结果将是 (can? :update, @product) 的结果，我认为这就是您想要的。

I think you should not use the exact same partial for products and orders.

You might want to use a layout:

views/layouts/description.html.erb

<div class="description">
    <%= model.description %>
    <!-- other common code... -->
    <div class="actions">
        <%= yield %>
    </div>
</div>

views/orders/description.html.erb

<%= render :layout => "layouts/description", :locals => { :model => @order } do %>
    <%= if (can? :update, @order) %>
       your link
    <% end %>
<%= end %>

You don't have to do that, but I think it's cleaner than having to deal with several models in the same partial.

side note:

but if can? :update, @orders return true or false, it show or hides edit button depending on that condition only

I don't really understand that. If @orders were null, then can? would return false, and the result of the whole expression would be the result of (can? :update, @product) which, I thought, was what you wanted.

回复收藏 0 原文

~没有更多了~