ruby-on-rails - 在 Rails 方法中的特定点跳过授权

问题描述

我有一个 if else 语句，我在其中检查之前是否选择了某些公司。如果列表为空，我想传递 @companies = "Empty" 以便我可以使用它来呈现不同的视图。然而，Pundit 需要提供一家公司。

有没有办法在方法的特定点跳过授权？在这种情况下，请在评论处跳过#Skip authorize @companies here?

  policy_scope(Company)
    if params[:query].present?
      if (Company.search_by_name_and_category(params[:query].capitalize) - @selected_companies).empty?
        @companies = "Empty"
        # Skip authorize @companies here
      else
        @companies = (Company.search_by_name_and_category(params[:query].capitalize) - @selected_companies)
        @companies.each {|company| authorize company }
      end

    else
      @companies = Company.all - @selected_companies
      @companies.each {|company| authorize company }
    end

标签： ruby-on-railspundit

Apart from skipping the authorization conditionally, i would do following changes to the code to reduce the queries and code lines:

policy_scope(Company)

@companies = params[:query].present? ?
               Company.search_by_name_and_category(params[:query].capitalize) :
               Company.all
@companies -= @selected_companies

if @companies.blank?
  skip_authorization
else
  @companies.each { |company| authorize company }
end

ruby-on-rails - 在 Rails 方法中的特定点跳过授权

问题描述

解决方案

推荐阅读