Fatal编程技术网
  • ruby-on-rails/
  • Ruby on rails Rails:优化控制器操作(安全检查)

Ruby on rails Rails:优化控制器操作(安全检查)

ruby-on-rails ruby security model-view-controller

Ruby on rails Rails:优化控制器操作(安全检查),ruby-on-rails,ruby,security,model-view-controller,Ruby On Rails,Ruby,Security,Model View Controller,我在控制器中有一个动作,如下所示: def show @project = current_customer.projects.where(id: params[:project_id]).first if @project @feature = @project.features.where(id: params[:feature_id]).first if @feature @conversation = @feature.conv

我在控制器中有一个动作,如下所示:

  def show
    @project = current_customer.projects.where(id: params[:project_id]).first
    if @project
      @feature = @project.features.where(id: params[:feature_id]).first
      if @feature
        @conversation = @feature.conversations.where(id: params[:id]).first
        unless @conversation
          head 401
        end
      else
        head 401
      end
    else
      head 401
    end
  end
问题在于头401的重复。有没有更好的方法来写这个动作?

我会这样写

def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @feature = @project.features.where(id: params[:feature_id]).first if @project
  @conversation = @feature.conversations.where(id: params[:id]).first if @feature

  # error managment
  head 401 unless @conversation      
end

Model Project
  ...
def get_conversation
  feature = features.where(id: params[:feature_id]).first
  conversation = feature.conversations.where(id: params[:id]).first if feature
end
我会这样写

def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @feature = @project.features.where(id: params[:feature_id]).first if @project
  @conversation = @feature.conversations.where(id: params[:id]).first if @feature

  # error managment
  head 401 unless @conversation      
end

Model Project
  ...
def get_conversation
  feature = features.where(id: params[:feature_id]).first
  conversation = feature.conversations.where(id: params[:id]).first if feature
end
也许你可以用这样的东西在你的项目模型中重构

def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @feature = @project.features.where(id: params[:feature_id]).first if @project
  @conversation = @feature.conversations.where(id: params[:id]).first if @feature

  # error managment
  head 401 unless @conversation      
end

Model Project
  ...
def get_conversation
  feature = features.where(id: params[:feature_id]).first
  conversation = feature.conversations.where(id: params[:id]).first if feature
end
在你的控制器里

Controller ProjectController
def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @conversation = @project.get_conversation

  head 401 unless @conversation
end
也许你可以用这样的东西在你的项目模型中重构

def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @feature = @project.features.where(id: params[:feature_id]).first if @project
  @conversation = @feature.conversations.where(id: params[:id]).first if @feature

  # error managment
  head 401 unless @conversation      
end

Model Project
  ...
def get_conversation
  feature = features.where(id: params[:feature_id]).first
  conversation = feature.conversations.where(id: params[:id]).first if feature
end
在你的控制器里

Controller ProjectController
def show
  @project = current_customer.projects.where(id: params[:project_id]).first
  @conversation = @project.get_conversation

  head 401 unless @conversation
end
谢谢你的回答。我还有一个相关的问题,我可以在这个行动中使用CanCan进行错误管理吗?这是个好主意吗?@Alex我从来没用过CanCan,这一点我帮不了你。谢谢你的回答。我还有一个相关的问题,我可以在这个行动中使用CanCan进行错误管理吗?这是个好主意吗?@Alex我从来没用过CanCan,这一次我帮不了你。