允许用户仅在 ruby on rails 上编辑某些信息,而不能在管理员上编辑
[英]Allowing users to edit some information only on ruby on rails but not admins
问题描述
I'm working on a rails app that i want to allow users to edit only some of their information, like name or personal information, but i want the admin user to be able to edit every thing.
我正在开发一个 Rails 应用程序,我希望它只允许用户编辑他们的一些信息,例如姓名或个人信息,但我希望管理员用户能够编辑所有内容。 is there any one to help me with this?有没有人帮我解决这个问题?
2 个解决方案
解决方案1
0 已采纳 2016-03-28 17:15:44
thanks to @tadman this is what i came up with感谢@tadman,这就是我想出的
def user_params_UserEdit
if current_user?(@user)
params.require(:user).permit( :password,
:password_confirmation)
elsif current_user.admin?
params.require(:user).permit(:name, :email, :password,
:password_confirmation, :admin, :personel_number)
end
end
and for update :和更新:
def update
@user = User.find(params[:id])
if @user.update_attributes(user_params_UserEdit)
flash[:success] = "Profile updated"
redirect_to root_url
else
render 'edit'
end
end
it works fine with me what do you think?它对我来说很好用,你怎么看?
解决方案2
0 2016-03-28 19:16:32
You can use cancan feature for this purpose.为此,您可以使用 cancan 功能。 It's clean and provides many features to add/modify the permissions.它很干净,并提供了许多功能来添加/修改权限。
Have a look看一看
https://github.com/ryanb/cancan https://github.com/ryanb/cancan
Also there is a tutorial on how to use it还有一个关于如何使用它的教程
http://railscasts.com/episodes/192-authorization-with-cancanhttp://railscasts.com/episodes/192-authorization-with-cancan
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.