_user.html.erb
<li>
<%= gravatar_for user, size: 50 %>
<%= link_to user.name, user %>
<% if current_user.admin? && !current_user?(user)%>
| <%= link_to "delete", user, method: :delete,
data: { confirm: "You sure?" } %>
<% end %>
</li>
我删除&& !current_user?(user)
它可以工作
这是我的代码
session_helper.er.html
def current_user
if (user_id = session[:user_id])
@current_user ||= User.find_by(id: user_id)
elsif (user_id = cookies.signed[:user_id])
user = User.find_by(id: user_id)
if user && user.authenticated?(cookies[:remember_token])
log_in user
@current_user = user
end
end
end
def current_user?(user)
user = current_user
end
def logged_in?
!current_user.nil?
end
def log_out
forget(current_user)
session.delete(:user_id)
@current_user = nil
end
users_contorller
def index
@users = User.paginate(page: params[:page], :per_page => 10)
end
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
log_in @user
flash[:success] = "Welcome to the Sample App!"
redirect_to @user
else
render 'new'
end
end
def edit
@user = User.find(params[:id])
end
/ ##
私人的
def user_params
params.require(:user).permit(:name,:email,:password,:password_confirmation)
结束
def logged_in_user
除非login_in?
商店地址
flash [:danger] =“请登录”
redirect_to login_url
结束
结束
// ##
def correct_user
@user = User.find(params [:id])
redirect_to(root_path),除非@user == current_user?(@ user)
结束
def admin_user
redirect_to(root_url)除非current_user.admin?
端
Session_controller.html.erb
class SessionController < ApplicationController
def new
end
//##
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
log_in user
params[:session][:remember_me] == '1' ? remember(user) : forget(user)
redirect_back_or user
else
flash.now[:danger] = '無效的電子郵件/密碼'
render 'new'
end
end
//##
def current_user
@current_user ||= User.find_by(id: session[:user_id])
end
//##
def destroy
log_out if logged_in?
redirect_to root_url
end
end
我找不到它的错误,我是ruby on rails的新手。
答案 0 :(得分:1)
在current_user
方法中,您应该使用比较(==
)而不是分配(=
):
def current_user?(user)
user == current_user
end
答案 1 :(得分:1)
将用户登录更改为
<% if current_user.admin? && user_login?(user)%>
| <%= link_to "delete", user, method: :delete,data: { confirm: "You sure?" } %>
<% end %>
和
def user_login?(user)
user == current_user
end