i'm kind of new to rails and i want to require a user to input his current_password before updating his infos. I know this can be achieved through devise but i want to do it without devise because i'm having a really hard time modifying the devise.
what i have in mind is something like this:
def update
#edi_user = EdiUser.find(#trader_edi_user.edi_user_id)
#edi_user.update_attributes(edi_user_params.reject_if{ |attr| params['current_password'].blank? })
redirect_to :back
end
i know this code is wrong, but is this kind of logic possible in rails?
Or can anybody help me how to code the right syntax?
thank you in advance
Skipping update on missing attribute,
#edi_user.update_attributes(edi_user_params) if params['current_password'].present?
Related
I am developing Rails application where used rails_admin gem. But when I tried to create new user at that time password field not display in admin and Not able to create new user.
I got below error:
undefined method `new' for #<RailsAdmin::Config::Sections::Base:0x000000088d5d08>
Anyone have a idea or experience in it. Where I am missing or doing wrong.
Thanks in advance.
You are going to have to change new to edit: https://github.com/sferik/rails_admin/wiki/Fields#form-rendering. Both methods use the same partial and/or rendering logic.
You must use the edit section. You can check the action name in this way
edit do
include_all_fields
fields :attr_1, :attr_2 do
visible do
bindings[:controller].action_name == 'new'
end
end
end
Im using a forum engine called Thredded. The installation goes well but when trying to access localhost:3000/forum , it gives me this error.
I already trying the suggested solution by adding a method admin? on user.rb but still it doesnt work.
def admin?
has_role?(:admin)
end
any ideas? thanks
Thredded maintainer here.
What version of the Gem are you using, by the way?
For the time being, if you haven't solidified how you would like your users' roles to be defined, I would consider making that method as simple as possible. For example - if the current user has an id of ... 4? or 5? Or whatever your personal user record id is - return true. Otherwise false.
Ask your user object if they are you! :)
def admin
self.name == 'Joel'
end
If the current user record has my name - then yes, I am an admin.
If there's anything I can do to help, please feel free to head over to the issues and open up a ticket. We'd be more than happy to help.
It looks like the missing method is admin, not admin?. Try defining that method instead:
def admin
has_role?(:admin)
end
I'm looking into RoR some way to: login into the system with DEVISE, (it's working), but i'm needing something than keeps always the view of this logged user, and avoid than this user looks another views.
http://xx.xx.xx.xx:3000/user/1
And this user cannot look the content of:
http://xx.xx.xx.xx:3000/user/2.
Please, sorry if this is a silly question, but, i was looking 2 days and i don't know how i can name this feature.
Thanks!
There are gems available for this Authorization. I prefer can can which is one of the best Authorization gems available
Here is the gem=> https://github.com/ryanb/cancan
And here is the rails cast tutorial using it=> http://railscasts.com/episodes/192-authorization-with-cancan
EDIT: If you want to manually implement this then you just need to make a method with following logic
def check_authorization
# Assuming user ID is coming in params[:id]
if current_user.id == params[:id]
return
else
# render or redirect to some page with access denied message
end
end
And call this method just before any action in which you want to check for authorization.
Im using bootstrap & rails and have a user model and post model..users create posts (collections)..
with bootstrap in the navbar i want the user to be able to click a dropdown which displays the name's of their posts..i did this on one controller with a private method and a before_action but i don't want to do this for all the controllers and it didn't work for the application controller...
is there a better way to do this??
I was doing this
def list
#user = User.find_by_username(params[:id])
#collections = #user.collections
end
and a
before_action :list
at the top of the controller
What's the most semantic way to accomplish this??
If you could move both to your application controller, then it would be available to any controller. More generally, I'm not sure if this is the best approach to solve your problem.
These tips might also be useful.
Are you using devise? Or some other authentication plugin? If so you're likely going to have a current_user helper. This would allow you to simply do #collections = current_user.collections
To the extent possible, I recommend using more descriptive names for your actions and parameters. def fetch_list_collections might be a better name or instead of passing a param named id, perhaps your param should be named username. These naming conventions become extremely important both for others who might look at your code as well as for yourself if you return to it and are trying to remember what you wrote N months ago.
Your list action is generating a N+1 queries. Meaning that you're hitting the database multiple times when you should do so just once. See the rails guide on this. You might also look at ways to avoid this w/ devise. Devise is pretty well documented and I'll bet there is something in the wiki discussing this.
You may want to consider limiting when you call this action - at a minimum - a post request to an update action? What about before they've logged in? current_user might be nil and you'd have an error attempting to call a collections method on nil.
Take your time learning this stuff. You don't have to learn it all at once, but I thought the above might be helpful.
I got it to work with this in the application controller
before_action :list
private
def list
#collections = current_user.collections
end
thanks #arieljuod
I'm new to Rails and Android, so please don't blame me if the question was answered before somewhere, but after searching for an answer I did't find anything.
Question: How do I assure that Rails creates or updates the field IP which should also be unique in the database. I sent a HTTP POST from Android device to "http://192.168.5.3:3000/users/create?user[user_ip]="+myIp+"user[user_name]="+name
So on the Rails' server side, Rails should check if myIp already exists and if so, it should update the "user_name" to "name", and if it won't find myIp, it should create a new record with both fields.
Should I use before_create in the user.rb model? Or how do I do that? Should I use POST or PUT? If I should use PUT, then I don't know the id if the user exists.
Or shouldn't I use the Rails action "create" at all and write a custom Webservice method?
Sorry for such maybe lame question but somehow I can't figure it out!
Thanks for help in advance!
You want to use PUT for update and POST for create. If you know the user exists, but you don't have the id, you would use a PUT request, and in the update method, you would have something like this:
def update
#user = User.find_by_ip(params[:ip])
if #user.update_attributes(...)
#success
else
#failure
end
end
Again, the ideal method would be to pass the id into the update, but if you are unable to do that, you don't want to sacrifice RESTful conventions.