
我希望我的访问者能够在评论创建后的5-10分钟内编辑或删除他们自己的评论。在Rails中,如何借助cookie认证让访问者编辑和删除自己创建的评论?

我应该如何使用会话或cookie对其进行身份验证? 我的评论控制器:

# Comments controller as posted in the question.
#
# NOTE(review): edit, update and destroy look a comment up by params[:id]
# alone. Nothing in this class checks who is making the request or how old
# the comment is, so any check of that kind would have to come from
# ApplicationController (not shown here).
class CommentsController < ApplicationController
  # GET /comments/new
  # GET /comments/new.xml
  #
  # Builds an unsaved Comment for the form.
  def new
    @comment = Comment.new

    respond_to do |wants|
      wants.html # new.html.erb
      wants.xml { render :xml => @comment }
    end
  end

  # GET /comments/1/edit
  #
  # Loads the comment named by params[:id] for the edit form.
  def edit
    @comment = Comment.find(params[:id])
  end

  # POST /comments
  # POST /comments.xml
  #
  # Creates a comment under the blog named by params[:blog_id].
  def create
    @blog = Blog.find(params[:blog_id])

    # The ip attribute is overwritten with the request's address, so a value
    # submitted in the form is not used. The rest of params[:comment] is
    # passed to the model as received.
    comment_params = params[:comment]
    comment_params[:ip] = request.remote_ip

    @comment = @blog.comments.create!(comment_params)
    redirect_to @blog
  end

  # PUT /comments/1
  # PUT /comments/1.xml
  #
  # Applies params[:comment] to the comment named by params[:id].
  def update
    @comment = Comment.find(params[:id])
    saved = @comment.update_attributes(params[:comment])

    respond_to do |wants|
      if saved
        wants.html { redirect_to(admin_comments_path, :notice => 'Comment was successfully updated.') }
        wants.xml { head :ok }
      else
        wants.html { render :action => "edit" }
        wants.xml { render :xml => @comment.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /comments/1
  # DELETE /comments/1.xml
  #
  # Deletes the comment named by params[:id].
  def destroy
    @comment = Comment.find(params[:id])
    @comment.destroy

    respond_to do |wants|
      wants.html { redirect_to(admin_comments_url, :notice => 'Indlæg slettet') }
      wants.xml { head :ok }
    end
  end
end

出于好奇,这个时间限制的目的是什么? – 2012-02-09 04:32:36

回答


把已保存评论的ID存入会话(session),然后在删除或更新时,检查会话中是否有该评论的ID,并将当前时间与评论的created_at进行比较……这些检查可以放在一个过滤器(filter)方法中。这种做法依赖于客户端无法篡改会话内容(Rails默认的cookie会话存储带有签名),而时间判断使用的是服务器端保存的created_at。

此外,您可以把按ID查找评论的代码移到过滤器中,以保持代码DRY(避免重复)。

代码如下:

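# Comments controller that lets a visitor edit or delete a comment for ten
# minutes after posting it, without a login.
#
# Ownership is tracked in the session: create appends the new comment's id to
# session[:recent_comments], and authorize_comment requires that id to be
# present before edit, update or destroy may run. The time limit is checked
# against the created_at value stored on the comment, never against anything
# sent by the client.
class CommentsController < ApplicationController
  before_filter :get_blog
  before_filter :get_comment, :only => [:edit, :update, :destroy]
  before_filter :authorize_comment, :only => [:edit, :update, :destroy]

  # Builds an unsaved Comment for the form.
  def new
    @comment = Comment.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml { render :xml => @comment }
    end
  end

  # Renders the edit form; @comment is loaded and authorized by the filters.
  def edit
  end

  # Creates a comment under @blog and records its id in the session so the
  # same visitor can change it later.
  def create
    # Overwrite any ip value submitted in the form with the request's address.
    params[:comment][:ip] = request.remote_ip
    @comment = @blog.comments.create!(params[:comment])

    # NOTE(review): ids are only removed from this list when an expired
    # comment is touched again, so the list grows with every comment posted
    # in the same session.
    session[:recent_comments] = [] unless session[:recent_comments].is_a?(Array)
    session[:recent_comments] << @comment.id

    redirect_to @blog
  end

  # Applies params[:comment] to the authorized comment.
  def update
    respond_to do |format|
      # NOTE(review): params[:comment] reaches the model unfiltered, so which
      # attributes a visitor can rewrite here (ip, for example) depends on the
      # model's mass-assignment protection - confirm it whitelists only the
      # editable fields.
      if @comment.update_attributes(params[:comment])
        # NOTE(review): this sends the visitor to the admin comments listing,
        # as in the original action; confirm that is the intended target.
        format.html { redirect_to(admin_comments_path, :notice => 'Comment was successfully updated.') }
        format.xml { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml { render :xml => @comment.errors, :status => :unprocessable_entity }
      end
    end
  end

  # Deletes the authorized comment.
  def destroy
    @comment.destroy

    respond_to do |format|
      format.html { redirect_to(admin_comments_url, :notice => 'Indlæg slettet') }
      format.xml { head :ok }
    end
  end

  private

  # Loads the blog named by params[:blog_id] for every action.
  def get_blog
    @blog = Blog.find(params[:blog_id])
  end

  # Loads the comment through @blog's association, so an id that belongs to a
  # different blog is treated as not found. find_by_id returns nil instead of
  # raising, which lets authorize_comment answer with its "Comment Not Found"
  # redirect.
  def get_comment
    @comment = @blog.comments.find_by_id(params[:id])
  end

  # Halts the request with a redirect unless the comment exists, was created
  # in this session, and is less than ten minutes old.
  def authorize_comment
    unless @comment
      flash[:error] = "Comment Not Found"
      redirect_to @blog and return
    end

    # A visitor who has not commented in this session has no list at all;
    # treat that as "owns nothing" instead of calling include? on nil.
    recent = session[:recent_comments]
    recent = [] unless recent.is_a?(Array)
    owned = recent.include?(@comment.id)

    # Inside the edit window and created in this session: let the action run.
    return true if owned && @comment.created_at >= 10.minutes.ago

    # Past the window: the id is of no further use, so drop it from the session.
    session[:recent_comments].delete(@comment.id) if owned

    flash[:error] = "Sorry, you can not change this comment now"
    redirect_to @blog
  end
end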