This is the error I'm getting:
Error:
ProjectsControllerTest#test_should_redirect_destroy_when_not_logged_in:
NoMethodError: undefined method `projects' for nil:NilClass
app/controllers/projects_controller.rb:39:in `project_owner'
test/controllers/projects_controller_test.rb:19:in `block (2 levels) in <class:ProjectsControllerTest>'
test/controllers/projects_controller_test.rb:18:in `block in <class:ProjectsControllerTest>'
What I think is happening and correct if I am wrong is that when the code goes and search for the projects it finds that the user is not logged in, therefore there is not such a project_owner. Even then the project_owner object should pick it and check that is nil, however that might not be happening.
Projects.Controller
class ProjectsController < ApplicationController
before_action :logged_in_user, only: [:index, :show, :create]
before_action :project_owner, only: :destroy
def index
end
def show
#project = Project.find(params[:id])
end
def new
#project = Project.new
end
def create
#project = current_user.projects.build(project_params)
if #project.save
flash[:success] = "Project Created"
redirect_to #project
else
render 'new'
end
end
def destroy
#project.destroy
flash[:success] = "Project Deleted"
redirect_to request.referrer || root_url
end
private
def project_params
params.require(:project).permit(:name,:category,:picture)
end
def project_owner
#project = current_user.projects.find_by(id: params[:id])
redirect_to root_url if #project.nil?
end
end
Model for Project
class Project < ApplicationRecord
before_save {name.downcase!}
belongs_to :user
default_scope -> { order(created_at: :desc) }
mount_uploader :picture, PictureUploader
validates :user_id, presence: true
validates :name && :category, presence: true
validates :name, presence: true,
uniqueness: { case_sensitive: false }
Test suit
require 'test_helper'
class ProjectsControllerTest < ActionDispatch::IntegrationTest
def setup
#project = projects(:Flyingcar)
end
test "should redirect destroy when not logged in" do
assert_no_difference 'Project.count' do
delete project_path(#project)
end
assert_redirected_to login_url
end
Any ideas of what it might be?
Thanks!
This current_user error is due to nil value of the current_user in the project_owner method.
Change this method to
def project_owner
if current_user.nil?
redirect_to root_url
else
#project = current_user.projects.find_by(id: params[:id])
redirect_to root_url if #project.nil?
end
end
Neither in create nor in project_owner the current_user is defined or are you doing that in your filter? Then you have to do that also for project_owner
Related
I can't figure out the problem with my code. I'm trying to add a profile to my user. For this I get my user ID and attach this to my profile in a DB. However after submitting the form it gives the following error: NoMethodError in ProfilesController#create
class ProfilesController < ApplicationController
# GET to /users/:user_id/profile/new
def new
#profile = Profile.new
end
# POST to /users/:user_id/profile
def create
# Ensure that we have the user who is filling out form
#user = User.find(params[:user_id])
# Create profile linked to this specific user
#profile = #user.build_profile( profile_params )
if #profile.save
flash[:success] = "Profile updated!"
redirect_to root_path
else
render action: :new
end
end
private
def profile_params
params.require(:profile).permit(:first_name, :last_name, :phone_number, :contact_email, :banking)
end
end
Your models need to be some thing like this... I assume you are missing a has_many or belongs_to in the user modal.
class User
has_many :profile
# or belongs_to :profile
end
class Profile
belongs_to :user
# or has_many :users
end
Give your modals if it doesn't work, we can fix it up.
try to replace
#user = User.find(params[:user_id])
#profile = #user.build_profile( profile_params )
by
#profile.user_id = current_user.id
for user_id it depend how you named your user id foreign key
You may do
def create
#profile = Profile.new(profile_params)
if #profile.save
flash[:success] = "Profile updated!"
redirect_to root_path
else
render action: :new
end
end
private
def profile_params
params.require(:profile).permit(:first_name, :last_name, :phone_number, :contact_email, :banking, :user_id)
end
Or
def profile_params
params.require(:profile).permit(:first_name, :last_name, :phone_number, :contact_email, :banking).merge!(user: current_user)
end
Regarding the error "NoMethodError in ProfilesController#create" it may happen because it is not declared in the routes.rb or it does a HTTP Get instead of a Post.
in the routes.rb file,
resources :users do
resources :profiles
end
http://guides.rubyonrails.org/routing.html#nested-resources
I am trying to search through tags, and it was working fine. But after i started to use gem will_paginate for pagination, i can't do that because i am getting this error:
undefined method 'total_pages' for #<Advertisement::ActiveRecord_Relation:0x007fe4cdd7df98>
But if I search for an unknown tag it works fine (show an empty list of ads on index page).
advertisemts_controller.rb
class AdvertisementsController < ApplicationController
before_action :authenticate_user!
before_action :set_advertisement, only: %i[edit update destroy]
def index
#advertisements = Advertisement.paginate(page: params[:page],
per_page: 2)
end
def show
#advertisement = Advertisement.find(params[:id])
end
def new
#advertisement = Advertisement.new
end
def create
#advertisement = Advertisements::Create.call(advertisement_params)
if #advertisement.errors.blank?
redirect_to advertisement_path(#advertisement),
notice: 'The advertisement was successfully added.'
else
render action: 'new'
end
end
def update
if #advertisement.update(advertisement_params)
redirect_to #advertisement, notice: 'Advertisement was
successfully updated.'
else
render :edit
end
end
def destroy
#advertisement.destroy
redirect_to advertisements_path, notice: 'Advertisement was
successfully destroyed.'
end
private
def set_advertisement
#advertisement = current_user.advertisements.find(params[:id])
end
def advertisement_params
params
.require(:advertisement)
.permit(:title, :description, :user_id, :tags)
.merge(user_id: current_user.id)
end
end
search_queries_controller.rb
class SearchQueriesController < ApplicationController
def search_by_tag
#advertisements = Advertisement.find_by_tags(tags_params)
render 'advertisements/index'
end
private
def tags_params
params.fetch(:tags, '')
end
end
advertisement.rb
class Advertisement < ApplicationRecord
has_many :advertisement_tags, dependent: :destroy
has_many :comments
has_many :tags, through: :advertisement_tags
belongs_to :user
validates :title,
:description,
presence: true
def self.find_by_tags(tags)
Advertisement.joins(:tags).where('tags.tag_name IN (?)',
tags.split(/[\s,']/))
end
end
I don't know how to solve this problem, I am using ruby-2.3.4 and rails-5.1.2, will_paginate-3.1.
That's because
def search_by_tag
#advertisements = Advertisement.find_by_tags(tags_params)
render 'advertisements/index'
end
doesn't call paginate method on the relation, but renders the view which uses pagination.
You may even notice that Advertisement.all.paginate(page: 1).total_pages works, but Advertisement.all.total_pages doesn't.
Something like
def search_by_tag
#advertisements = Advertisement
.find_by_tags(tags_params)
.paginate(page: 1, per_page: 2)
render 'advertisements/index'
end
should fix the problem
In my application I have designed a cart while following a similar format to the layout in the book Agile Web Development With Rails 4 and I have a slight problem. So a user can add items to a cart, view their cart, and see price of each item and also the total. The issue I ran into is when a user puts items in a cart and then signs out, the cart keeps the items in the cart even when a different user signs in. I believe the proper way would be that each user would have their own individual cart.
Here is my user model and controller
class User < ActiveRecord::Base
has_one :cart
# :confirmable, :lockable, :timeoutable and :omniauthable
# :confirmable, :lockable, :timeoutable and :omniauthable
has_secure_password
validates :email, presence: true
end
class UsersController < ApplicationController
def new
#user = User.new
end
def show
#user = User.find(params[:id])
end
def create
#user = User.new(user_params)
if #user.save
session[:user_id] = #user.id
redirect_to #user
else
render 'new'
end
end
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.update_attributes(user_params)
redirect_to #user
end
end
private
def user_params
params.require(:user).permit(:first_name, :admin, :last_name, :email, :password, :password_confirmation, :phone_number, :address_one, :address_two, :city, :country, :state, :zip)
end
end
My cart model and controller
class Cart < ActiveRecord::Base
has_many :order_items
belongs_to :user
has_many :line_items, dependent: :destroy
def add_part(part_id)
current_part = line_items.find_by(part_id: part_id)
if current_part
current_part.quantity += 1
else
current_part = line_items.build(part_id: part_id)
end
current_part
end
def total_price
line_items.to_a.sum { |item| item.total_price}
end
end
class CartsController < ApplicationController
before_action :set_cart, only: [:show, :edit, :update, :destroy]
rescue_from ActiveRecord::RecordNotFound, with: :invalid_cart
def show
#cart = Cart.find(params[:id])
end
def edit
#cart = Cart.new(cart_params)
end
def update
#cart = Cart.find(params[:id])
if #cart.update_attributes(cart_params)
redirect_to #cart
end
end
def destroy
#cart.destroy if #cart.id == session[:cart_id]
session[:cart_id] = nil
respond_to do |format|
format.html { redirect_to root_path }
format.json { head :no_content }
end
end
private
def cart_params
params.require(:cart).permit(:user_id)
end
def invalid_cart
logger.error "Attempt to access invalid cart #{params[:id]}"
redirect_to root_path, notice: "Invalid cart"
end
end
and my Line Items controller and current module (line items associates a part to a cart in my layout)
class LineItemsController < ApplicationController
include CurrentCart
before_action :set_cart, only: [:create]
before_action :set_line_item, only: [:show, :edit, :update, :destroy]
def create
part = Part.find(params[:part_id])
#line_item = #cart.add_part(part.id)
respond_to do |format|
if #line_item.save
format.html { redirect_to #line_item.cart }
format.json { render action: 'show', status: :created,
location: #line_item }
else
format.html { render action: 'new' }
format.json { render json: #line_item.errors,
status: :unprocessable_entity }
end
end
end
end
module CurrentCart
extend ActiveSupport::Concern
private
def set_cart
#cart = Cart.find(session[:cart_id])
rescue ActiveRecord::RecordNotFound
#cart = Cart.create
session[:cart_id] = #cart.id
end
end
Any advice on how I can get one cart to be associate with one user would be a big help :) if anymore information is needed just ask. Thanks again!
Hahaha! I did this whole book and never realized this bug!
Yeah... so the session stuff is cute, but you can always make it more secure by doing something like this:
def set_cart
#cart = Cart.find_by(id: session[:cart_id], user: session[:user_id])
rescue ActiveRecord::RecordNotFound
#cart = Cart.create
session[:cart_id] = #cart.id
end
Now I know you don't have the session[:user_id], but I'm guessing you already have a pretty good idea on how to get it done. ;)
Hint: On Sign In
I am having challenges assigning a current user a role in a team the user is creating. I want to assign the user that creates the team the role of the captain which could be changed later.
I'm currently using the create_asociation method that comes with has_one relationship, as this instantiates the values of the associated model, which i want to be instantiated with the current user but get the error Can't mass assign protected attribute: captain. Captain is a self join model with user as i will like to use captain.teammates and team.captain.
Below are the models involved.
User and Captain Model
class User < ActiveRecord::Base
has_one :profile
has_many :teammates, :class_name => "User", :foreign_key => "captain_id"
belongs_to :captain, :class_name => "User"
belongs_to :team
# before_create :build_profile
after_create :build_default_profile
accepts_nested_attributes_for :profile
attr_accessible :email, :password, :password_confirmation, :profile_attributes, :captain_id
def build_default_profile
Profile.create(user_id: self.id)
end
has_secure_password
before_save { email.downcase! }
before_save :create_remember_token
VALID_EMAIL_REGEX = /\A[\w+\-.]+#[a-z\d\-.]+\.[a-z]+\z/i
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
uniqueness: { case_sensitive: false }
validates :password, presence: true, length: { minimum: 6 }
validates :password_confirmation, presence: true
private
def create_remember_token
self.remember_token = SecureRandom.urlsafe_base64
end
end
Team Model
class Team < ActiveRecord::Base
has_many :profiles, through: :users
has_one :captain, :class_name => "User", foreign_key: :captain_id
has_one :result, as: :result_table
attr_accessible :teamname, :color, :result_attributes, :captain_attributes
after_create :build_result_table
after_create :build_default_captain
accepts_nested_attributes_for :profiles
accepts_nested_attributes_for :captain
accepts_nested_attributes_for :result
def build_result_table
Result.create(result_table_id: self.id, result_table_type: self.class.name)
end
def build_default_captain
# Team.captain = User
# Captain.create(team_id: self.id, captain_id: user.id)
end
end
User Controller
class UsersController < ApplicationController
before_filter :signed_in_user, only: [:index, :edit, :update, :destroy]
before_filter :correct_user, only: [:edit, :update]
before_filter :admin_user, only: :destroy
def new
#user = User.new
end
def create
#user = User.new(params[:user])
if #user.save!
sign_in #user
flash[:success] = "Welcome to the JHDC Mini Olympics Web Application; Thanks for singing Up"
redirect_to user_profile_path(#user, #profile)
else
flash[:error_messages]
render 'new'
end
end
def show
#user = User.find(params[:id])
end
def index
#users = User.paginate(page: params[:page])
end
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.update_attributes(params[:user])
flash[:success] = "Profile Updated"
redirect_to user_profile_path(#user, #profile)
else
render 'edit'
end
end
def destroy
User.find(params[:id]).destroy
flash[:success] = "User deleted."
redirect_to users_url
end
private
def signed_in_user
unless signed_in?
store_location
redirect_to signin_url, notice: "Please sign in."
end
def correct_user
#user = User.find(params[:id])
redirect_to(root_path) unless current_user?(#user)
end
def admin_user
redirect_to(root_path) unless current_user.admin?
end
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
end
Team Controller
class TeamsController < ApplicationController
def new
#team = Team.new
end
def create
#team = Team.new(params[:team])
#captain = #team.create_captain(captain: current_user)
if current_user.admin?
if #team.save!
flash[:success] = "Team created."
redirect_to #team
else
flash[:error_messages]
render 'new'
end
else
flash[:error] = "Sorry, you don't have the authority to create a Team"
redirect_to current_user
end
end
def index
#teams = Team.paginate(page: params[:page])
end
def show
#team = Team.find(params[:id])
end
def edit
if current_user.admin?
#team = Team.find(params[:id])
else
flash[:error] = "Sorry you dont have the authourity to edit a Team"
redirect_to current_user
end
end
def update
#team = Team.find(params[:id])
if #team.update_attributes(params[:team])
flash[:success] = "Team Updated"
redirect_to #team
else
render 'edit'
end
end
def destroy
Team.find(params[:id]).destroy
flash[:success] = "Team is deleted."
redirect_to teams_url
end
private
def team_params
params.require(:team).permit(:teamname, :color)
end
end
The admin is currently a way i'm using to restrict the user that can create a team but i plan to use gems like declarative authorization to create role based authorization. Thanks
The error you are getting is because the attribute :captain is not declared as attr_accessible
Either set the attribute :captain in your list of attr_accessible for the User model, or change the code form
Captain.create(team_id: self.id, captain_id: user.id)
to
captain = Captain.new
captain.team_id = self.id
captain.captain_id = user.id
captain.create
in this way, the attribute won't be set by mass-assignment and won't raise the error
Edited
After checking your code twice, just realized that you don't have a Captain model, actually :captain is a relation for the user and a relation from the Team to the User.
So on Team model, take off the build_default_captain stuff and the after_create :build_default_captain, I would say to replace with something like
after_save :set_default_captain
def set_default_captain
if captain_id_changed?
profiles.each do |user|
user.captain = captain
user.save
end
end
end
so every time the captain_id change for the model, you change the captain_id of all its profiles (users)
Then on the Team controller, on the action create, instead of
#team = Team.new(params[:team])
#captain = #team.create_captain(captain: current_user)
do something like
#team = Team.new(params[:team])
#team.captain = current_user
if current_user.admin?
if #team.save!
current_user.update_attribute(:team_id, #team.id)
flash[:success] = "Team created."
redirect_to #team
else
flash[:error_messages]
render 'new'
end
else
flash[:error] = "Sorry, you don't have the authority to create a Team"
redirect_to current_user
end
so on the last part of the code, you set the captain of the team to the current user and set the user team to the current team once its saved, you can also improve the code with current_user.build_team to avoid saving current_user.update_attribute
I have created a migration to my users table with the following code:
add_column :users, :email_confirmed, :boolean, :default => false
however when a new user is created the :email_confirmed field is automatically set to true. Has this happened to anyone? Am I missing something simple? Any insights are welcome.
My User model:
class User < ActiveRecord::Base
has_many :microposts, dependent: :destroy
has_many :relationships, foreign_key: "follower_id", dependent: :destroy
has_many :followed_users, through: :relationships, source: :followed
has_many :reverse_relationships, foreign_key: "followed_id",
class_name: "Relationship",
dependent: :destroy
has_many :followers, through: :reverse_relationships, source: :follower
has_secure_password
before_save { email.downcase! }
VALID_EMAIL_REGEX = /\A[\w+\-.]+#[a-z\d\-]+(?:\.[a-z\d\-]+)*\.[a-z]+\z/i
before_create :create_remember_token
before_create :confirmation_token
validates :name, presence: true, length: { maximum: 50 }
validates :email, presence: true,
format: { with: VALID_EMAIL_REGEX },
uniqueness: { case_sensitive: false }
validates :password, length: { minimum: 6 }, :unless => :email_activate
def feed
Micropost.from_users_followed_by(self)
end
def following?(other_user)
relationships.find_by(followed_id: other_user.id)
end
def follow!(other_user)
relationships.create!(followed_id: other_user.id)
end
def unfollow!(other_user)
relationships.find_by(followed_id: other_user.id).destroy
end
def User.new_remember_token
SecureRandom.urlsafe_base64
end
def User.digest(token)
Digest::SHA1.hexdigest(token.to_s)
end
def email_activate
self.email_confirmed = true
save!(:validate => false)
end
def send_password_reset
self.password_reset_token = SecureRandom.urlsafe_base64.to_s
self.password_reset_sent_at = Time.zone.now
save!(:validate => false)
UserMailer.password_reset(self).deliver
end
private
def create_remember_token
self.remember_token = User.digest(User.new_remember_token)
end
def confirmation_token
# only generate if you did not manually set value
if self.confirm_token.blank?
self.confirm_token = SecureRandom.urlsafe_base64.to_s
end
end
end
and my Users Controller:
class UsersController < ApplicationController
before_action :signed_in_user, only: [:index, :edit, :update, :destroy, :following, :followers]
before_action :correct_user, only: [:edit, :update]
before_action :admin_user, only: :destroy
before_action :registered_already, only: [:new, :create]
def index
#users = User.paginate(page: params[:page])
end
def show
#user = User.find(params[:id])
#microposts = #user.microposts.paginate(page: params[:page])
end
def new
#user = User.new
end
def create
#user = User.new(user_params)
if #user.save
UserMailer.registration_confirmation(#user).deliver
flash[:success] = "Please confirm your email address to continue"
redirect_to root_url
else
flash[:error] = "Ooooppss, something went wrong!"
render 'new'
end
end
def edit
end
def update
if #user.update_attributes(user_params)
flash[:success] = "Profile updated"
redirect_to #user
else
render 'edit'
end
end
def destroy
user = User.find(params[:id])
unless current_user?(user)
user.destroy
flash[:success] = "User deleted."
end
redirect_to users_url
end
def following
#title = "Following"
#user = User.find(params[:id])
#users = #user.followed_users.paginate(page: params[:page])
render 'show_follow'
end
def followers
#title = "Followers"
#user = User.find(params[:id])
#users = #user.followers.paginate(page: params[:page])
render 'show_follow'
end
def confirm_email
user = User.find_by_confirm_token(params[:id])
if user
user.email_activate
flash[:success] = "Welcome to the Sample App!"
redirect_to root_url
else
flash[:error] = "Sorry. User does not exist"
redirect_to root_url
end
end
private
def user_params
params.require(:user).permit(:name, :email, :password,
:password_confirmation)
end
# Before filters
def correct_user
#user = User.find(params[:id])
redirect_to(root_url) unless current_user?(#user)
end
def admin_user
redirect_to(root_url) unless current_user.admin?
end
def registered_already
redirect_to root_url, notice: "You are already registered." if signed_in?
end
end
my Sessions Controller
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by_email(params[:email].downcase)
if user && user.authenticate(params[:password])
if user.email_confirmed
sign_in user
redirect_back_or user
else
flash.now[:error] = 'Please activate your account by following the
instructions in the account confirmation email you receieved to proceed'
end
else
flash.now[:error] = 'Invalid email/password combination' # Not quite right!
render 'new'
end
end
def destroy
sign_out
redirect_to root_url
end
end
I have a feeling that the email_activate method in the users model is being called on the create action but I don't know why?....
Just while I was doing this I commented out the `:unless => :email_activate' in the password validator. Now everything works. I am surprised that this was the reason as it does not make logical sense to my (admittedly somewhat limited) understanding of rails. Could someone explain why this was setting the email confirmed field to true please?
If you want the default value to always be set, you can't allow null values. Specify :null => false
add_column :users, :email_confirmed, :boolean, :null => false, :default => false