我用pundit gem管理应用程序中用户的授权。对用户来说一切都很好。现在我创建了第二个设计模型:雇主。我想显示一个特定的页面,既登录用户,以及在雇主登录。我该怎么做?
以下是我对模型的政策:
class CurriculumPolicy < ApplicationPolicy
class Scope < Scope
def resolve
scope.all
end
end
def create?
return true
end
def show?
record.user == user || user.admin
end
def update?
record.user == user || user.admin
end
def destroy?
record.user == user || user.admin
end
end这是我的控制器的索引页,我想使访问:
class CurriculumsController < ApplicationController
skip_before_action :authenticate_user!, only: [:new, :create, :index]
before_action :set_curriculum, only: [:show, :edit, :update, :destroy]
def index
# @curriculums = policy_scope(Curriculum).order(created_at: :desc)
if params[:query]
@curriculums = policy_scope(Curriculum).joins(:user)
.where('users.job_category ILIKE ?', "%#{params[:query]}%")
.where(
'job_category ILIKE :query', query: "%#{params[:query]}%"
)
else
@curriculums = policy_scope(Curriculum).order(created_at: :desc)
end
end
private
def set_curriculum
@curriculum = Curriculum.find(params[:id])
end
def curriculum_params
params.require(:curriculum).permit(:doc)
end
end
2条答案
按热度按时间3zwtqj6y1#
您可以在这里为每个操作提供如下解决方案
v7pvogib2#
在您的控制器中,只需覆盖
pundit_user函数:参考:https://github.com/varvet/pundit#customize-pundit-user