4-3 admin

Author: 小耿_da0a | Published: 2017-06-29 18:09 | Views: 32

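    4-3 STORY 2 - admin can log in to the back end

    Goals

    • The administrator (merchant) must sign in to the site before entering the (store) back end
    • The administrator must have admin privileges to enter the back end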

    Step 0:

    git checkout -b story2

    Step 1: Sign-in is required to enter

    app/controllers/admin/products_controller.rb
    class Admin::ProductsController < ApplicationController
    + before_action :authenticate_user!
      def index
        @products = Product.all
      end
      ...(omitted)
    

    Test in the browser that authentication is enforced:
    http://localhost:3000/admin/products/new

    Step 2: Admin privileges are required to enter

    app/controllers/admin/products_controller.rb
    class Admin::ProductsController < ApplicationController
      before_action :authenticate_user!
    + before_action :admin_required
      def index
        @products = Product.all
      end
      ...(omitted)
    

    Step 3: Create the admin check

    app/controllers/application_controller.rb
    class ApplicationController < ActionController::Base
      # Prevent CSRF attacks by raising an exception.
    
      # For APIs, you may want to use :null_session instead.
    
      protect_from_forgery with: :exception
    
    + def admin_required
    +   if !current_user.admin?
    +     redirect_to "/", alert: "You are not admin."
    +   end
    + end
    end
    

    Step 4: Add the admin? predicate

    app/models/user.rb
    class User < ApplicationRecord
      # Include default devise modules. Others available are:
    
      # :confirmable, :lockable, :timeoutable and :omniauthable
    
      devise :database_authenticatable, :registerable,
             :recoverable, :rememberable, :trackable, :validatable
    
    + def admin?
    +   is_admin
    + end
    end
    

    Step 5: Add the is_admin column (boolean)

    rails g migration add_is_admin_to_user

    Edit the generated file

    db/migrate/xxx(a string of digits)_add_is_admin_to_user.rb
    class AddIsAdminToUser < ActiveRecord::Migration[5.0]
      def change
    +   add_column :users, :is_admin, :boolean, default: false
      end
    end
    

    Run rake db:migrate
    Restart rails server
    Test whether admin can enter the back end
    Visit http://localhost:3000/admin/products/new

    Step 6: Create an admin user from the rails console

    rails c

    u = User.new(email: "admin@test.com", password: "123456", password_confirmation: "123456")
    u.save
    u.is_admin = true
    u.save
    

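    Test again whether admin can enter the back end
    Visit http://localhost:3000/admin/products/new

    Step 7: Add a user seed file

    db/seeds.rb

    u = User.new
    u.email = "admin@test.com" # can be changed to your own email
    u.password = "123456" # at least six characters
    u.password_confirmation = "123456" # at least six characters
    u.is_admin = true
    u.save
    

    Then run rake db:seed
    to automatically create an account with admin privileges
    Note: bug fix for when an error occurs while rebuilding the database setup (migrate) later on
    rake db:reset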

    Step 8: Create the back-end layout

    Create layout: admin

    app/controllers/admin/products_controller.rb
    class Admin::ProductsController < ApplicationController
    + layout "admin"
      before_action :authenticate_user!
      before_action :admin_required
      ...(omitted)
    

    touch app/views/layouts/admin.html.erb

    app/views/layouts/admin.html.erb
    <!DOCTYPE html>
    <html>
    <head>
      <title>JDstore 后台</title>
      <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
      <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
      <%= csrf_meta_tags %>
    </head>
    <body>
      <div class="container">
        <%= render "common/navbar" %>
        <div class="row">
          <div class="col-md-2">
            <ul class="nav nav-pills nav-stacked" style="max-width: 300px;">
              <li> <%= link_to("Products", admin_products_path) %> </li>
            </ul>
          </div>
          <div class="col-md-10">
            <%= yield %>
          </div>
        </div>
      </div>
    </body>
    </html>
    
    

    Done

    Step 9: Commit to git

    git add .
    git commit -m "only admin can access backend panel"
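
The access rules that Steps 1 to 4 build, modelled in plain Ruby so they can be checked without a running Rails app. This is an added example, not code from the original tutorial: `AdminGate`, `admin_access`, `admin_required_safe` and the sample users are illustrative names, and `SIGN_IN_PATH` is assumed to be Devise's default sign-in route. It also shows what the page's `admin_required` does when a controller declares it without `authenticate_user!` (it raises on a nil `current_user`), next to a nil-safe variant that redirects instead.

```ruby
# Added example: plain-Ruby model of the Step 1-4 filter chain; all names are illustrative.
User = Struct.new(:email, :is_admin) do
  def admin?
    is_admin == true # nil (flag never set) is treated as non-admin
  end
end

SIGN_IN_PATH = "/users/sign_in" # assumption: Devise's default route for devise_for :users

class AdminGate
  def initialize(current_user, filters: %i[authenticate_user! admin_required])
    @current_user = current_user
    @filters = filters
  end

  # Runs the filters in order; the first one that returns a response halts the
  # chain, the same way a before_action that redirects stops the action.
  def call(path)
    @filters.each do |name|
      response = send(name)
      return response if response
    end
    { status: 200, location: path, alert: nil }
  end

  private

  def redirect_to(location, alert: nil)
    { status: 302, location: location, alert: alert }
  end

  def authenticate_user!
    redirect_to(SIGN_IN_PATH) if @current_user.nil?
  end

  # The page's check as written: relies on authenticate_user! having run first.
  def admin_required
    redirect_to("/", alert: "You are not admin.") unless @current_user.admin?
  end

  # Nil-safe variant: still denies when a controller omits authenticate_user!.
  def admin_required_safe
    redirect_to("/", alert: "You are not admin.") unless @current_user&.admin?
  end
end

def admin_access(user, **opts)
  AdminGate.new(user, **opts).call("/admin/products/new")
end
```
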
