before-filter

问题 I am using devise and recently added active admin, which created a separate table of admin_users to keep admins. All works fine with Active Admin when I try to log in and browse around. However, my application controller has this for general users: before_filter :authenticate_user!, :except => [:show, :index] Because of this, when inside the active admin interface, whenever I try to edit or delete anything, it asks me to log in. I learned that a skip_before_filter can be used inside the

问题 I have this current before filter in my users_controller before_filter :authenticate_usergroup, :except => [:edit, :update, :show] It works great for just allowing a user to edit their information but not being able to see all the users, but i'v found that by just changing their 'id' in the url they could also edit other users information. How can i only allow :edit, :show and :update functions to the current user for their own record. i have this method in my application_controller to be

问题 I have this current before filter in my users_controller before_filter :authenticate_usergroup, :except => [:edit, :update, :show] It works great for just allowing a user to edit their information but not being able to see all the users, but i'v found that by just changing their 'id' in the url they could also edit other users information. How can i only allow :edit, :show and :update functions to the current user for their own record. i have this method in my application_controller to be

问题 Update: this problem has found a very satisfactory solution, but in production side effects popped up which I describe in this thread. So, I'm using a custom counter in my OLs to get numbering like "1 - 1.1 - 1.1.1" Works fine. But when I do this, the indentation of the LI is wrong. The text aligns with the left edge of the number, not with the right edge (like standard OLs do). Edit: To get the numbers layouted the way I want, I had to mess with the standard paddings/margins of the OL. Now

问题 My desired behavior is that when destroy is called on an instance, that instance will not actually be destroyed, but it will just be marked as having been destroyed. This needs to percolate up for any model associations. In the models that I don't want to actually destroy, but just mark them as deleted I have a deactivated field. From what I can tell the < v3.0.0 way of doing this was to override destroy_without_callbacks (That's the way ActsAsParanoid does it), however that method no longer

问题 Is it possible to skip a before filter in using skip_before_filter when the before_filter is defined with a block. For example: class ApplicationController < ActionController::Base before_filter do |controller| # filter stuff end end I know, that is it possible using the "normal" way of defining the filter with a method name. 回答1: Its most definitely not possible. From the documentation: Note that skipping uses Ruby equality, so it’s impossible to skip a callback defined using an anonymous

问题 Is it possible to skip a before filter in using skip_before_filter when the before_filter is defined with a block. For example: class ApplicationController < ActionController::Base before_filter do |controller| # filter stuff end end I know, that is it possible using the "normal" way of defining the filter with a method name. 回答1: Its most definitely not possible. From the documentation: Note that skipping uses Ruby equality, so it’s impossible to skip a callback defined using an anonymous

问题 I want a before filter like "must_have_permission_to_write" that when called if user hasn't permission to write renders a message saying "you can't do that!" and return. Problem is I'm getting "can only render or redirect once per action" of course... how can I stop the execution in the before filter? thanks 回答1: I think the easiest answer is add a redirect and return false to your must_have_permission_to_write method. def must_have_permission_to_write unless current_user.has_permission?

问题 When i try to restrict access to signup, it seems impossible. I tried class RegistrationsController < Devise::RegistrationsController skip_before_filter :require_no_authentication end in app/registrations_controller.rb and changed routes to devise_for :accounts, :controllers => { :registrations => "registrations" } This does not work. Any suggestions why and what i could do/where i should look would be appreciated. EDIT: Does not work means: when i try to access /accounts/sign_up while being

问题 When user enters our web site's root or logs out, Devise authentication displays "You need to sign in or sign up before continuing" the first time. After page reload this message disappears. Root of our web site is set to controller which has: before_filter :authenticate_user! We need this controller to be the root. How to eliminate this message? 回答1: The correct solution would be to set an authenticated block as noted in the official wiki: https://github.com/plataformatec/devise/wiki/How-To: