1. 首頁
  2. 問答
  3. 如何逃避這個重定向循環?

如何逃避這個重定向循環?

2014-10-11 34 views
1

我試圖讓所有用戶的非法企圖看到其他用戶的顯示頁面重定向,而不是自己的顯示頁面。如何逃避這個重定向循環?

我的這些代碼的其他部分中的任何嘗試都不能完成這項工作。

class UsersController < ApplicationController 
    def show 
    if params[:id] == current_user.id.to_s 
     liked_bookmark_ids = current_user.likes.pluck(:bookmark_id) 
     liked_bookmarks = Bookmark.where(id:liked_bookmark_ids) 
     liked_topic_ids = liked_bookmarks.pluck(:topic_id) 
     @liked_topics = Topic.where(id:liked_topic_ids).order('topics.name') 
    else 
     # redirect_to :controller => 'users', :id => current_user.id # gives a screwy url 
     # redirect_to user_path, :id => 6       # causes a redirect loop 
     # redirect_to :back           # causes a redirect loop 
    end 
    end 
end

什麼是正確的方式去呢?

來源

2014-10-11 dwilbank

回答

1 
redirect_to user_path(current_user)

來源

2014-10-11 05:01:58

+1

你或許可以連做'redirect_to的(CURRENT_USER)'... http://api.rubyonrails.org/classes/ActionController/Redirecting.html#method-i-redirect_to – 2014-10-11 05:03:38

+0

那麼你知道什麼......不能簡單 - 謝謝! – dwilbank 2014-10-11 05:05:00

1

我認爲更好的方法是使用filter來檢查它是否是當前用戶的請求。你可以做這樣的事情:

class UsersController < ApplicationController 
    before_action :check_current_user, only: :show  

    def show 
    liked_bookmark_ids = current_user.likes.pluck(:bookmark_id) 
    liked_bookmarks = Bookmark.where(id:liked_bookmark_ids) 
    liked_topic_ids = liked_bookmarks.pluck(:topic_id) 
    @liked_topics = Topic.where(id:liked_topic_ids).order('topics.name') 
    end 

    private 

    def check_current_user 
    redirect_to current_user, notice: "Not authorized" if params[:id] != current_user.id.to_s 
    end 
end

來源

2014-10-11 05:05:19 Mandeep

+1

謝謝 - 可能最終會以後用這種方式! – dwilbank 2014-10-11 05:13:42

相關問題

 相關問題