At the moment, I am creating some kind of admin panel/backend for my site. I want to do the following: Only admins (a user has a user_role(integer) --> 1 = admin, 2 = moderator, 3 = user) can see and access a link for the admin panel. So I created an admin_controller. In my admin controller I created a new function called is_admin?:
class AdminController < ApplicationController
def admin_panel
end
def is_admin?
current_user.user_role == 1
end
end
my route looks like.
map.admin_panel '/admin-panel', :controller => 'admin', :action => 'admin_panel'
and in my _sidebar.html.erb (partial in applicaton.html.erb) I created the link:
<%= link_to "Admin Panel", :admin_panel unless is_admin? %>
Now I get an error called:
undefined method `is_admin?'
Where is the problem? Please help me solving this problem!
Okay, sorry for this, but it still wont work. Here are my controllers:
application_controller.rb:
class ApplicationController开发者_StackOverflow中文版 < ActionController::Base
include AuthenticatedSystem
helper :all
protect_from_forgery
helper_method :current_user
def current_user
@current_user ||= User.find_by_id(session[:user])
end
end
users_controller.rb:
class UsersController < ApplicationController
layout 'application'
include AuthenticatedSystem
helper_method :is_admin? #only added this line
def new
end
...
end
user.rb
require 'digest/sha1'
class User < ActiveRecord::Base
# Virtual attribute for the unencrypted password
attr_accessor :password
... #more stuff but nothing for is_admin?
def active?
# the existence of an activation code means they have not activated yet
activation_code.nil?
end
#here is my is_admin? code
def is_admin?
self.user_role == 1
end
...
end
and now my view (_sidebar.html.erb):
<div>
<%= link_to "Admin Panel", :admin_panel unless current_user.is_admin? %>
</div>
That's it. Any ideas?
Btw: now the error changed a bit. Now it is:
undefined method `is_admin?' for nil:NilClass
My Session Create (in sessions_controller.rb):
def create
self.current_user = User.authenticate(params[:login], params[:password])
if logged_in?
if params[:remember_me] == "1"
current_user.remember_me unless current_user.remember_token?
cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
end
redirect_back_or_default('/')
flash[:notice] = "Logged in successfully"
else
render :action => 'new'
end
end
The problem is that methods defined in your controllers are not available in your views, unless you do this in the controller:
helper_method :is_admin?
However, in your case I would suggest that you move this method into the user model, as it seems to be more or less part of the business logic of the application.
So, in your user model,
class User < ActiveRecord::Base
def is_admin?
self.user_role == 1
end
end
And then in the view,
<%= link_to "Admin Panel", :admin_panel unless current_user.is_admin? %>
Oh, and btw, make sure that your users cannot change their roles arbitrarily via mass attributes assignment. And also it would be better to define constants for those role integer values. Sorry if this is too obvious :)
use helper_method if you want to use your controller's method in your views
class AdminController < ApplicationController
helper_method :is_admin? #you should include this line so that you can access it in your view.
def admin_panel
end
def is_admin?
current_user.user_role == 1
end
end
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论