2013-08-01 53 views
0

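How to allow users to comment

So, I want users to be able to post comments. Currently anyone can comment by entering any name in the name field.

But I want to associate comments with users. So the name field would no longer be needed in the comment form, because it will be the user's name.

How can this be done?

I followed Ryan Bates's Railscast, but he never associates comments with users.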

comments_controller.rb

class CommentsController < ApplicationController 
    before_action :set_comment, only: [:show, :edit, :update, :destroy] 


    def index 
    @comments = Comment.where("song_id IS NOT ?", nil) 
    end 

    def show 
    end 

    # GET /comments/new 
    def new 
    end 

    # GET /comments/1/edit 
    def edit 
    end 

    # POST /comments 
    # POST /comments.json 
    def create 
    @comment = Comment.new(comment_params)  

    respond_to do |format| 
     if @comment.save 
     format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.' } 
     format.json { render action: 'show', status: :created, location: @comment} 
     else 
     format.html { render action: 'new' } 
     format.json { render json: @comment.errors, status: :unprocessable_entity } 
     end 
    end 
    end 


    # PATCH/PUT /comments/1 
    # PATCH/PUT /comments/1.json 
    def update 
    respond_to do |format| 
     if @comment.update(comment_params) 
     format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully updated.' } 
     format.json { head :no_content } 
     else 
     format.html { render action: 'edit' } 
     format.json { render json: @comment.errors, status: :unprocessable_entity } 
     end 
    end 
    end 

    # DELETE /comments/1 
    # DELETE /comments/1.json 
    def destroy 
    @comment.destroy 
     redirect_to song_url(@comment.song_id) 
    end 

    private 
    # Use callbacks to share common setup or constraints between actions. 
    def set_comment 
     @comment = Comment.find(params[:id]) 
    end 

    # Never trust parameters from the scary internet, only allow the white list through. 
    def comment_params 
     params.require(:comment).permit(:song_id, :author_name, :site_url, :content, :user_id) 
    end 
end 

user.rb

class User < ActiveRecord::Base 
    # Include default devise modules. Others available are: 
    # :token_authenticatable, :confirmable, 
    # :lockable, :timeoutable and :omniauthable 
    devise :database_authenticatable, :registerable, 
     :recoverable, :rememberable, :trackable, :validatable 

    has_many :songs 
    has_many :comments 

    acts_as_voter 

end 

comment.rb

class Comment < ActiveRecord::Base 

    belongs_to :user 
    belongs_to :song 
end 

comments#form.html.erb

<%= form_for @comment do |f| %> 
    <% if @comment.errors.any? %> 
    <div id="error_explanation"> 
     <h2><%= pluralize(@comment.errors.count, "error") %> prohibited this comment from being saved:</h2> 

     <ul> 
     <% @comment.errors.full_messages.each do |msg| %> 
     <li><%= msg %></li> 
     <% end %> 
     </ul> 
    </div> 
    <% end %> 


    <div id="comment_form"> 
    <div class="field"> 
    <%= f.hidden_field :song_id %> 
     <p> 
     <%= f.text_field :author_name, placeholder: "Name" %> 
     </p> 

     <p> 
     <%= f.text_area :content, :rows => '12', :cols => 35, placeholder: "Leave a comment..." %> 
     </p> 
     <p><%= f.submit "Submit" %></p> 
    <% end %> 
    <br /><br /> 

    </div></div> 
+0

http://chat.stackoverflow.com/rooms/34578/http-stackoverflow-com-questions-17984518-how-to-allow-users-to-comment – rmagnum2002

Answers

1

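The Comment table should have a column named user_id if it doesn't already. You can then assign user_id in two different ways. These assume you have a current_user method. If you don't, then you will have to fill in user_id from whatever session store or method you are using.

You can create a hidden_field in the form to assign it.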

<%= f.hidden_field :user_id, value: current_user.id %>

But as pointed out by @rmagnum2002, this could be a security issue, since users can edit it.

You can assign it in the create action:

def create 
    @comment = Comment.new(comment_params) 
    @comment.user_id = current_user.id 

    respond_to do |format| 
    if @comment.save 
     format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.' } 
     format.json { render action: 'show', status: :created, location: @comment} 
    else 
     format.html { render action: 'new' } 
     format.json { render json: @comment.errors, status: :unprocessable_entity } 
    end 
    end 
end 

Assigning this in the controller's create action is probably best.

+1

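Using a hidden field is a risky thing to do, because this field is editable in the Chrome inspector; it's better to go with the controller check. – rmagnum2002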

+0

Nice, thanks @rmagnum2002. – Apane101

+0

@magnum, you are right. I edited my answer to reflect this concern. – jameswilliamiii
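The hidden-field concern raised in the comments also applies to the permit list: the question's `comment_params` permits `:user_id`, and the `update` action passes it straight to `@comment.update`. The following is an added example, not code from the question or the answer; it uses a plain-Ruby stand-in for strong parameters (the `permit` helper, the `Comment` struct and the sample request are assumptions, no Rails required) and goes beyond the `create` case to show `update` as well.

```ruby
# Plain-Ruby stand-in for Rails strong parameters (assumption: no Rails loaded).
# permit() keeps only the listed keys, as params.require(:comment).permit(...) does.
def permit(params, *allowed)
  params.select { |key, _| allowed.include?(key) }
end

# Hypothetical minimal model: assign() copies attributes like new/update would.
Comment = Struct.new(:song_id, :content, :user_id) do
  def assign(attrs)
    attrs.each { |key, value| self[key] = value }
    self
  end
end

# Permit list as in the question's controller (trimmed to the fields used here).
WEAK_PERMIT   = %i[song_id content user_id].freeze
# Hardened list: user_id is never accepted from the client.
STRICT_PERMIT = %i[song_id content].freeze

# create, as in the answer: the owner is set from the session after the form data.
def create_comment(form, current_user_id, permit_list)
  Comment.new.assign(permit(form, *permit_list)).assign(user_id: current_user_id)
end

# update, as in the question: whatever the permit list lets through is written.
def update_comment(comment, form, permit_list)
  comment.assign(permit(form, *permit_list))
end

# update with an ownership check and the strict list: only the owner may edit.
def update_own_comment(comment, form, current_user_id)
  return false unless comment.user_id == current_user_id
  update_comment(comment, form, STRICT_PERMIT)
  true
end

# Constructed request body: user 7 is logged in, the form claims user_id 1.
forged = { song_id: 3, content: "hi", user_id: 1 }

created = create_comment(forged, 7, WEAK_PERMIT)
puts "create, owner from session      -> #{created.user_id}"
puts "update, :user_id permitted      -> #{update_comment(created.dup, forged, WEAK_PERMIT).user_id}"
puts "update, :user_id not permitted  -> #{update_comment(created.dup, forged, STRICT_PERMIT).user_id}"
```

In a Rails controller the equivalent change is dropping `:user_id` from `permit(...)` and checking `@comment.user_id == current_user.id` before `update` and `destroy`.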