这是我的路线:即使我有一个范围的嵌套的路线,我的资源没有被路由正确 - 的Rails 3.1
scope ":username" do
resources :feedbacks
end
所以,当我去mydomain.com/test/feedbacks/10
它显示了正确的feedback
与id=10
属于username=test
。
但是,如果我去mydomain.com/test2/feedbacks/10
它显示与id=10
相同的反馈,它不属于username=test2
。
如何限制这种情况发生?
我使用Vanity
宝石给我在URL中的用户名,这是这条路线是什么样子:
controller :vanities do
match ':vname' => :show, :via => :get, :constraints => {:vname => /[A-Za-z0-9\-\+\@]+/}
end
编辑1:
也就是说,为了清晰为什么当我去mydomain.com/test/feedbacks/10
和/test2/feedbacks/10
时,它显示了我对同一个记录的相同观点(在这种情况下,后一个版本会是错误的,因为它应该告诉我没有这样的记录存在,但事实并非如此。显示test/feedbacks/10
的正确记录)。
编辑2:
这里有两个请求的日志:
权请求
Started GET "/test-3/feedbacks/7" for 127.0.0.1 at 2011-09-14 02:48:15 -0500
Processing by FeedbacksController#show as HTML
Parameters: {"username"=>"test-3", "id"=>"7"}
Feedback Load (0.5ms) SELECT "feedbacks".* FROM "feedbacks" WHERE "feedbacks"."id" = ? LIMIT 1 [["id", "7"]]
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = 3 LIMIT 1
Rendered feedbacks/show.html.erb within layouts/application (36.2ms)
Completed 200 OK in 188ms (Views: 184.3ms | ActiveRecord: 1.8ms)
错误的请求
Started GET "/test2/feedbacks/7" for 127.0.0.1 at 2011-09-14 02:48:28 -0500
Processing by FeedbacksController#show as HTML
Parameters: {"username"=>"test2", "id"=>"7"}
Feedback Load (0.1ms) SELECT "feedbacks".* FROM "feedbacks" WHERE "feedbacks"."id" = ? LIMIT 1 [["id", "7"]]
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = 3 LIMIT 1
Rendered feedbacks/show.html.erb within layouts/application (37.6ms)
Completed 200 OK in 50ms (Views: 47.5ms | ActiveRecord: 1.2ms)
您是否检查记录是否属于用户?这不会自动完成。 –
请张贴您的#show动作代码,您应该查看参数[:用户名]并相应地加载您的用户记录。同样做@Benoit说。 –