ruby-on-rails – Ajax删除链接注销current_user

标题几乎解释了.我有一个奇怪的情况,其中允许用户使用Ajax删除通知的视图导致current_user被注销.我甚至不知道从哪里开始调试这个…

这是控制器

class NotificationsController < ApplicationController

    def destroy
        @notification = Notification.find(params[:id])
        @notification.destroy
        respond_to do |format|
            format.js
        end
    end


end

这是整个控制器,没有什么是简短的.通知是由系统生成的,所以用户唯一可以采取的操作就是“关闭”(即删除).

我也尝试使用较新的respond_with语法并具有相同的效果.

我正在使用Devise和Rails 3.0.9.任何想法可能会发生什么 – 或建议如何调试？

– 编辑1 –

的routes.rb

resources :notifications,:only => [:destroy]

删除链接

%span.delete= link_to( 'dismiss',notification_path(notification),:method => :delete,:remote => true )

– 编辑2 –

嗯,我注意到日志里有新的东西 – 见下面的****.

Started DELETE "/notifications/10" for 127.0.0.1 at 2011-06-21 21:47:15 -0500
  Processing by NotificationsController#destroy as JS
  Parameters: {"id"=>"10"}
  sql (0.4ms)   SELECT name
 FROM sqlite_master
 WHERE type = 'table' AND NOT name = 'sqlite_sequence'
  sql (0.3ms)   SELECT name
 FROM sqlite_master
 WHERE type = 'table' AND NOT name = 'sqlite_sequence'

  User Load (0.7ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1
  Slug Load (0.4ms)  SELECT "slugs".* FROM "slugs" WHERE ("slugs".sluggable_id = 1 AND "slugs".sluggable_type = 'User') ORDER BY id DESC LIMIT 1
  ****AREL (0.3ms)  UPDATE "users" SET "remember_token" = NULL,"remember_created_at" = NULL,"updated_at" = '2011-06-22 02:47:15.913839',"preferences" = '---
:email_notifications: ''true''
' WHERE "users"."id" = 1
  Notification Load (0.2ms)  SELECT "notifications".* FROM "notifications" WHERE "notifications"."id" = 10 LIMIT 1
  User Load (1.0ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1
  AREL (0.3ms)  UPDATE "users" SET "notifications_count" = COALESCE("notifications_count",0) - 1 WHERE "users"."id" = 1
  AREL (0.1ms)  DELETE FROM "notifications" WHERE "notifications"."id" = 10
Rendered notifications/destroy.js.erb (0.7ms)
Completed 200 OK in 6416ms (Views: 9.6ms | ActiveRecord: 4.1ms)

所以,就是这样,看起来用户表的一部分被设置为null,特别是我怀疑的记住触发Devise结束会话的remember_token,也可能是在会话被破坏之后由Devise完成的.但是怎么跟踪呢？

我可以想到的唯一的事情是通知与用户进行交互是否有一个counter_cache用户的notifications_count.

我欣赏如何调试的想法和建议！

– 编辑3 –

在使用ruby-debug进行挖掘之后,它看起来就像Devise和rails.js脚本的更改有关.看到：

https://github.com/plataformatec/devise/issues/913

https://github.com/ryanb/cancan/issues/280

我正在尝试这些线程的一些建议,并将发布,如果我找到一个解决方案.

解决方法

我也有类似的问题.解决方案就像添加一样简单

<％= csrf_Meta_tag％>

到布局.

原文链接：https://www.f2er.com/ruby/270956.html

ruby-on-rails – Ajax删除链接注销current_user

解决方法

猜你在找的Ruby相关文章