Rails 4:如何使用户仅在自己的办公室中查看文件
[英]Rails 4:How to make users view only files in their own office
问题描述
I am creating a file tracking system whereby users can track the movement from one office to another. 
我正在创建一个文件跟踪系统,用户可以跟踪从一个办公室到另一个办公室的移动。 I've gotten most of the application to work but presently every user can view all files regardless of where it's in their office, or not because in the file index. 我已经使大多数应用程序正常工作,但是目前每个用户都可以查看所有文件,而不管文件在办公室的什么位置,或者因为文件索引而无法查看。
I am using File.all in my file index action. 我在文件索引操作中使用File.all。 Is there a way I can have a user only view and track files that is only currently in their own office, while the registry officer(admin) can view and track all files? 有什么方法可以让用户仅查看和跟踪当前仅在其自己的办公室中的文件,而注册主任(admin)可以查看和跟踪所有文件?
My relationships between models: 我的模型之间的关系:
File model 档案模型
class Nasfile < ActiveRecord::Base
belongs_to :category
has_many :trackers, dependent: :destroy
before_save :file_full_number, :on => [:create, :update]
def file_full_number
if self.file_sub.present?
self.file_number = [self.file_number , self.file_sub].join('/')
else
self.file_number = self.file_number
end
end
end
Office Model 办公模式
class Office < ActiveRecord::Base
belongs_to :department
has_many :users
has_many :received_files,:class_name => 'Tracker', :foreign_key => 'office_sent_to_id'
has_many :sent_files,:class_name => 'Tracker', :foreign_key => 'office_sent_from_id'
def self.all_without(excluded)
where("id NOT IN (?)", excluded)
end
end
Tracker Model 追踪器型号
class Tracker < ActiveRecord::Base
belongs_to :nasfile
belongs_to :sender, :foreign_key => :sender_id, class_name: 'User'
belongs_to :receiver, :foreign_key => :receiver_id, class_name: 'User'
belongs_to :office_receiving, :foreign_key => :office_sent_to_id, class_name: 'Office'
belongs_to :office_sending, :foreign_key => :office_sent_from_id, class_name: 'Office'
before_save :office_sent_to, :on => [:create, :update]
def office_sent_to
self.office_sent_to_id = self.receiver.office.id
end
end
User model: 用户模型:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable,:recoverable
devise :database_authenticatable, :registerable,
:rememberable, :trackable, :validatable,
:authentication_keys => [:username], password_length: 6..25
belongs_to :office
accepts_nested_attributes_for :office
has_many :sent_files,:class_name => 'Tracker', :foreign_key => 'sender_id'
has_many :received_files,:class_name => 'Tracker', :foreign_key => 'receiver_id'
def email_required?
false
end
def email_changed?
false
end
def self.all_without(excluded)
where("id NOT IN (?)", excluded)
end
end
Thanks for the help 谢谢您的帮助
1 个解决方案
解决方案1
0 已采纳 2015-06-17 01:57:26
Rather than doing 而不是做
@files = File.all
try to filter the files you include by doing something like: 尝试通过执行以下操作来过滤您包含的文件:
@files = File.where("office_id = ?", current_user.office_id)
This way, you only get files for the office to which the user belongs. 这样,您只会获取用户所属办公室的文件。
I don't know how you have your roles set up, but you can add some branching logic to allow registry officers to see all files, regardless of office: 我不知道您是如何设置角色的,但是您可以添加一些分支逻辑,以允许注册表人员查看所有文件,而不论办公室是什么:
if user.role = "registry officer"
@files = File.all
else
@files = File.where("office_id = ?", current_user.office_id)
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.