问题描述
我正在使用Pundit进行用户模型的授权.
I am using Pundit for authorization for my User model.
我的目标是将其扩展为使用AdminUser模型,专门用于我的admin名称空间.
My goal is to extend this to use my AdminUser model, specifically for my admin namespace.
默认情况下,Pundit检查用户"或当前用户".如何基于Devise更改此项以检查"admin_user"或"current_admin_user"?
By default, Pundit checks for a "user" or "current_user". How can I change this to check for a "admin_user" or "current_admin_user", based on Devise?
policies/admin/admin_policy.rb (已关闭系统,当前查找的是User而不是AdminUser)
policies/admin/admin_policy.rb (Closed system, currently looks for User instead of AdminUser)
class Admin::AdminPolicy
attr_reader :user, :record
def initialize(user, record)
# Must be logged in
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@record = record
end
def index?
false
end
def show?
false
end
def create?
false
end
def new?
create?
end
def update?
false
end
def edit?
update?
end
def destroy?
false
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
raise Pundit::NotAuthorizedError, "You must be logged in to perform this action" unless user
@user = user
@scope = scope
end
def resolve
scope.all
end
end
end
policies/admin/home_policy.rb (Admin名称空间的子策略示例)
policies/admin/home_policy.rb (Example sub-policy of the Admin namespace)
class Admin::HomePolicy < Admin::AdminPolicy
def index?
user.present?
end
end
推荐答案
我认为您需要在控制器上定义pundit_user方法以对其进行自定义 https://github.com/varvet/pundit#customize-pundit-user
I think you need to define the method pundit_user on your controllers to customize it https://github.com/varvet/pundit#customize-pundit-user
def pundit_user
current_admin_user
end
这篇关于Rails-Pundit-如何检查current_admin_user?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!