第一贴这里,所以我希望它是有道理的,但我一直在旋转我的车轮太久了。 首先是一个小背景。我正在构建一个包含3个模型的Wiki应用程序:用户,Wiki和协作(连接表)。评论家的政策范围有很多通过关系
我正在使用Devise和Pundit,并有4类用户应根据他们的状态查看维基的不同子集。
这里的规则:
- 公众用户(未登录) - 应查看(无需编辑)仅公共维基 (:隐藏=>假)
- 身份验证的用户(:角色=>“标准“) - 应 查看,编辑&仅删除公共维基。
- 高级用户(:角色=> “溢价”) - 查看,编辑,删除公共wiki和创造 私人维基的能力(:隐藏=>真),并添加合作者的私人 维基这给他们编辑维基的权利。
- Admin(:role =>“admin”)完全控制所有记录。
所以我在政策范围内(用户检查状态)一个漫长scope.joins条件我维基索引视图给予CURRENT_USER的基于角色维基列表的一个子集。
信念使喷出了这样的错误:
Started POST "/__better_errors/59802a57d82fd17e/variables" for 127.0.0.1 at 2014-12-02 09:05:41 -0800
Wiki Load (0.4ms) SELECT "wikis".* FROM "wikis" INNER JOIN "collaborations" ON "collaborations"."wiki_id" = "wikis"."id" WHERE (hide = 'f' or user_id = 2 or collaborations.user_id = 2)
SQLite3::SQLException: ambiguous column name: user_id: SELECT "wikis".* FROM "wikis" INNER JOIN "collaborations" ON "collaborations"."wiki_id" = "wikis"."id" WHERE (hide = 'f' or user_id = 2 or collaborations.user_id = 2)
这里的政策
class WikiPolicy < ApplicationPolicy
# What collections a user can see users `.where`
class Scope < Scope
def resolve
if user && user.role == 'admin'
scope.all
elsif user
scope.joins(:collaborations).where("hide = :hide or user_id = :owner_id or collaborations.user_id = :collaborator_id", {hide: false, owner_id: user.id, collaborator_id: user.id})
else
scope.where hide: false
end
end
end
#Policies are boolean logic true or false to determine if a user has access to a controller action.
def update?
(user && user.role == 'admin') || (user && record.users.pluck(:id).include?(user.id)) || (user && user.id == record.owner.id)
end
def show?
(user.present? && user.admin?) or not record.hide?
end
def premium?
user.admin? or user.premium?
end
def edit?
end
end
我的模型
class Wiki < ActiveRecord::Base
belongs_to :user
has_many :collaborations, dependent: :destroy
has_many :users, through: :collaborations
def owner
user
end
def collaborators
users
end
validates :title, length: { minimum: 5 }, presence: true
validates :body, length: { minimum: 20 }, presence: true
end
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :confirmable
has_many :wikis
has_many :collaborations
has_many :cowikis, through: :collaborations, source: :wiki
after_initialize :init
def admin?
role == 'admin'
end
def premium?
role == 'premium'
end
def standard?
role == 'standard'
end
private
def init
if self.new_record? && self.role.nil?
self.role = 'standard'
end
end
end
class Collaboration < ActiveRecord::Base
belongs_to :user
belongs_to :wiki
end
维基控制器
class WikisController < ApplicationController
def index
@wikis = policy_scope(Wiki)
# authorize @wikis
end
def show
@wiki = Wiki.find(params[:id])
authorize @wiki
end
def new
@wiki = Wiki.new
authorize @wiki
end
def create
@wiki = Wiki.new(wiki_params)
authorize @wiki
if @wiki.save
flash[:notice] = "Post was saved."
redirect_to @wiki
else
flash[:error] = "There was an error saving the post. Please try again."
render :new
end
end
def edit
@user = current_user
@users = User.all
@wiki = Wiki.find(params[:id])
authorize @wiki
end
def update
@wiki = Wiki.find(params[:id])
authorize @wiki
@wiki.collaborators = params[:wiki][:user_ids]
if @wiki.update_attributes(wiki_params)
flash[:notice] = "Post was updated."
redirect_to @wiki
else
flash[:error] = "There was an error saving the post. Please try again."
render :edit
end
end
def destroy
@wiki = Wiki.find(params[:id])
authorize @wiki
title = @wiki.title
if @wiki.destroy
flash[:notice] = "\"#{title}\" was deleted successfully."
redirect_to wikis_path
else
flash[:error] = "There was an error deleting the wiki."
render :show
end
end
private
def wiki_params
params.require(:wiki).permit(:title, :body, :hide)
end
end
我希望你是不是不知所措的代码,但我想提供尽可能多的信息成为可能。
感谢您的帮助!
哦,这是最有可能的违规代码,但我包括上下文的一切。
scope.joins(:collaborations).where("hide = :hide or user_id = :owner_id or collaborations.user_id = :collaborator_id", {hide: false, owner_id: user.id, collaborator_id: user.id})
万一有人正在做一个大的查询不同的表长范围内没有返回预期值。我必须将范围分为2(一个用于本地和另一个连接)。我确信有一个更优雅的方式来做到这一点,但这是我的工作代码。 '(scope.where(“hide =:hide or wikis.user_id =:owner_id”,{hide:false,owner_id:user.id})+ scope.joins(:collaborations).where(“collaborations.user_id =:collaborator_id “,{collaborator_id:user.id}))。uniq' – 2014-12-02 23:46:14