#20 Restricting Access

最新推荐文章于 2020-11-03 13:21:50 发布

原创最新推荐文章于 2020-11-03 13:21:50 发布 · 137 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#Access #Flash

Railscasts 专栏收录该内容

108 篇文章

订阅专栏

本文介绍如何通过编程方式限制公众访问网站的管理功能，包括使用 Ruby on Rails 实现的身份验证逻辑和授权过程。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

In this second part of the series on administration, you will learn how to lock down the site to keep the public from accessing the administration features.

<!-- episodes/index.rhtml -->
<% if admin? %>
  <%= link_to 'New Episode', new_episode_path %>
<% end %>
# controllers/application.rb
helper_method :admin?

protected

def admin?
  false
end

def authorize
  unless admin?
    flash[:error] = "unauthorized access"
    redirect_to home_path
    false
  end
end

# episodes_controller.rb
before_filter :authorize, :except => :index