
Rails: how to edit and delete created comments with cookie authentication?

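I want visitors to be able to edit or delete their comments within 5-10 minutes of creating them.

How should I authenticate this using sessions or cookies? My comments controller: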

class CommentsController < ApplicationController
  # GET /comments
  # GET /comments.xml

  # GET /comments/new
  # GET /comments/new.xml
  def new
    @comment = Comment.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @comment }
    end
  end

  # GET /comments/1/edit
  def edit
    @comment = Comment.find(params[:id])
  end

  # POST /comments
  # POST /comments.xml
  def create
    @blog = Blog.find(params[:blog_id])
    params[:comment][:ip] = request.remote_ip
    @comment = @blog.comments.create!(params[:comment])
    redirect_to @blog
  end

  # PUT /comments/1
  # PUT /comments/1.xml
  def update
    @comment = Comment.find(params[:id])

    respond_to do |format|
      if @comment.update_attributes(params[:comment])
        format.html { redirect_to(admin_comments_path, :notice => 'Comment was successfully updated.') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @comment.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /comments/1
  # DELETE /comments/1.xml
  def destroy
    @comment = Comment.find(params[:id])
    @comment.destroy

    respond_to do |format|
      format.html { redirect_to(admin_comments_url, :notice => 'Indlæg slettet') }
      format.xml  { head :ok }
    end
  end
end

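Store the ID of the saved comment in the session; then, on delete or update, check the session for the comment's ID and compare the current time with the comment's created_at... This can be done in a filter method.

Also, you can move the code that finds the comment by id into a filter and stay DRY.

Here it goes: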

class CommentsController < ApplicationController

  before_filter :get_blog
  before_filter :get_comment, :only => [:edit, :update, :destroy]
  before_filter :authorize_comment, :only => [:edit, :update, :destroy]

  private

  def get_blog
    @blog = Blog.find(params[:blog_id])
  end

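  def get_comment
    # find_by_id returns nil for a missing record, so the "Comment Not Found"
    # branch in authorize_comment is reachable (find would raise instead)
    @comment = Comment.find_by_id(params[:id])
  end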

  def authorize_comment
    unless @comment
      flash[:error] = "Comment Not Found" 
      redirect_to @blog and return
    else
      # checks whether the comment is in the session's recent_comments;
      # if true, this comment was created by the same visitor who is now attempting to delete/update it
      # Array() covers a visitor whose session has no recent_comments yet
      if Array(session[:recent_comments]).include?(@comment.id)

        # now check if the comment is editable w.r.t time or not
        if @comment.created_at < 10.minutes.ago
          # if true, it means comment can no longer be updated/deleted
          # if you wish you can now remove this from the session's recent_comments
          session[:recent_comments].delete(@comment.id)
          flash[:error] = "Sorry, you can not change this comment now"
          redirect_to @blog and return
        else
          # it means comment can be edited/updated
          return true
        end
      else
        flash[:error] = "Sorry, you can not change this comment now"
        redirect_to @blog and return
      end
    end
  end

  public


  def new
    @comment = Comment.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @comment }
    end
  end


  def edit
  end

  def create    
    params[:comment][:ip] = request.remote_ip
    @comment = @blog.comments.create!(params[:comment])

    unless session[:recent_comments].is_a?(Array)
      session[:recent_comments] = []
    end
    session[:recent_comments] << @comment.id

    redirect_to @blog
  end

  def update

    respond_to do |format|
      if @comment.update_attributes(params[:comment])
        format.html { redirect_to(admin_comments_path, :notice => 'Comment was successfully updated.') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @comment.errors, :status => :unprocessable_entity }
      end
    end
  end

  def destroy
    @comment.destroy

    respond_to do |format|
      format.html { redirect_to(admin_comments_url, :notice => 'Indlæg slettet') }
      format.xml  { head :ok }
    end
  end
end
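
The ownership and time-window check from `authorize_comment`, pulled out of the controller so it can be run and tested without Rails. This is an added example, not the answerer's code: `EditWindowPolicy`, the `Comment` struct, the plain Hash standing in for `session`, and the sample timestamps are assumptions made for illustration.

```ruby
# Added example: the answer's session check as a plain-Ruby policy object.
# EditWindowPolicy, Comment and the sample data are hypothetical names.
Comment = Struct.new(:id, :created_at)

class EditWindowPolicy
  WINDOW_SECONDS = 10 * 60 # same 10-minute window as the answer

  def initialize(session, now: Time.now)
    @session = session
    @now = now
  end

  # Call from create: remember which comments this visitor authored.
  def remember(comment)
    @session[:recent_comments] = Array(@session[:recent_comments]) | [comment.id]
  end

  # Returns :ok, :not_owner or :expired. Never raises on an empty session.
  def check(comment)
    ids = Array(@session[:recent_comments])
    return :not_owner unless ids.include?(comment.id)
    return :ok if @now - comment.created_at <= WINDOW_SECONDS

    # Window closed: drop the ID so the session does not grow forever.
    @session[:recent_comments] = ids - [comment.id]
    :expired
  end
end

# Constructed sample data.
NOW     = Time.utc(2024, 1, 1, 12, 0, 0)
FRESH   = Comment.new(1, NOW - 120)   # 2 minutes old, authored by this visitor
STALE   = Comment.new(2, NOW - 900)   # 15 minutes old, authored by this visitor
FOREIGN = Comment.new(3, NOW - 60)    # written by another visitor

def demo
  session = {}
  policy = EditWindowPolicy.new(session, now: NOW)
  before = policy.check(FRESH)        # empty session: denied, no exception
  policy.remember(FRESH)
  policy.remember(STALE)
  results = [before, policy.check(FRESH), policy.check(STALE), policy.check(FOREIGN)]
  [results, session[:recent_comments]]
end

p demo if __FILE__ == $PROGRAM_NAME
```

The window is measured against the server-side `created_at`, so the only thing the session contributes is the list of comment IDs this visitor authored.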
