Ruby 在rails控制器的公共位置执行操作之前
我有两个基本控制器类,一个用于JSON资源API,另一个是应用程序控制器API类。我必须在操作之前添加适用于两个基类的权限检查 我不想重复之前的动作代码,所以想在公共场所添加。 如果我检查这些祖先,那么我看不到它们之间有任何rails默认的公共类 有什么建议吗?我还需要上下文中的当前用户。解决这个问题的好办法是什么Ruby 在rails控制器的公共位置执行操作之前,ruby,ruby-on-rails-3,inheritance,Ruby,Ruby On Rails 3,Inheritance,我有两个基本控制器类,一个用于JSON资源API,另一个是应用程序控制器API类。我必须在操作之前添加适用于两个基类的权限检查 我不想重复之前的动作代码,所以想在公共场所添加。 如果我检查这些祖先,那么我看不到它们之间有任何rails默认的公共类 有什么建议吗?我还需要上下文中的当前用户。解决这个问题的好办法是什么 class BaseResourceController < JSONAPI::ResourceController before_action :check_per
class BaseResourceController < JSONAPI::ResourceController
before_action :check_permissions
def check_permissions
current_user.permissions
end
end
class ApplicationController < ActionController::API
before_action :check_permissions
def check_permissions
current_user.permissions
end
end
class-BaseResourceControllerJSONAPI::ResourceController.Orients=> [JSONAPI::ResourceController,JSONAPI::Callbacks,JSONAPI::ActsAsResourceController,ActionController::Base,Deviate::Controller::Helpers,Deviate::Controller::Helpers,Deviate::Controller::StoreLocation,Deviate::Controller::SignInOut,ActiveRecord::Railties::ControllerRuntime,ActionDispatch::RouteSet::MountedHelpers,ActionControllerr::RespondWith,ActionController::ParamsWrapper,ActionController::Instrumentation,ActionController::HttpAuthentication::Token::ControllerMethods,ActionController::HttpAuthentication::Digest::ControllerMethods,ActionController::HttpAuthentication::Basic::ControllerMethods,ActionController::DataStreaming,ActionController::Streaming,ActionController::ForceSSL,ActionController::RequestForgerProtection,AbstractController::Callbacks,ActiveSupport::Callbacks,ActionController::FormBuilder,ActionController::Flash,ActionController::Cookies,ActionController::ParameterEncoding,ActionController::StrongParameters,ActiveSupport::Rescuable,ActionController::ImplicitRender、ActionController::BasicImplicitRender、ActionController::MimerResponds、AbstractController::Caching::ConfigMethods、AbstractController::Caching::Fragments、ActionController::Caching、ActionController::EtagWithFlash、ActionController::EtagWithTemplateDigest、ActionController::ConditionalGet、ActionController::Head,ActionController::Renderers::All,ActionController::Renderers,ActionController::Rendering,ActionView::Layouts,ActionView::Rendering,ActionController::Redirecting,ActiveSupport::Benchmarkable,AbstractController::Logger,ActionController::UrlFor,AbstractController::UrlFor,ActionDispatch::Routing::UrlFor,ActionDispatch::Routing::Polym或路径,ActionController::Helpers,AbstractController::Helpers,AbstractController::AssetPath,AbstractController::Translation,AbstractController::Rendering,ActionView::ViewPath,ActionController::Metal,AbstractController::Base,ActiveSupport::Configurable,ActiveSupport::ToJsonWithActiveSupportEncoder,Object,PP::ObjectMixin,ActiveSupport::Dependencies::Loadable,JSON::Ext::GeneratorMethods::Object,ActiveSupport::Tryable,Kernel,BasicObject]
一个选项是将权限检查逻辑包装到一个模块,并将该模块包含在相应的控制器中
# app/controllers/concerns/permission_check.rb
module PermissionCheck
extend ActiveSupport::Concern
included do
before_action :check_permissions
end
def check_permissions
current_user.permissions
end
end
class BaseResourceController < JSONAPI::ResourceController
include PermissionCheck
end
class ApplicationController < ActionController::API
include PermissionCheck
end
class-BaseResourceControllerincludeApplicationControllerBaseResourceController