Im haveing problems with seeing the attachments from plugin, it shows me the message : You are not authorized to access this page. I used the attachments helper to upload things in my plugin. Here is the code:
Init.rb(giving permissions)
project_module :plugin_name do
permission :view_attachments, :attachments => [:show, :download, :thumbnail, :upload]
The model class, in my case Unit.rb
class Unit < ActiveRecord::Base
belongs_to :project
acts_as_attachable :view_permission => :view_attachments
units_controller.rb
class UnitsController < ApplicationController
helper :attachments
include AttachmentsHelper
menu_item :overviews, :only => [:index, :show, :edit, :new, :update, :create]
before_filter(:find_project, :authorize, :only => [:index, :show, :edit, :new, :update, :create])
...
def create
#unit = Unit.new(unit_params)
if(#unit.save)
attachments = Attachment.attach_files(#unit, params[:attachments])
redirect_to(:action => "index")
flash[:notice] = l(:createMessage)
else
render("new")
end
end
units show.html.erb
<%= link_to_attachments #unit %>
P.S- when i remove this part of code in attachments_controller then i can see my attachments, see below:
before_filter :file_readable, :read_authorize, :only => [:show, :download, :thumbnail]
read_authorize action:
def read_authorize
#attachment.visible? ? true : deny_access
end
I think, you should not reinit permission for attachments.
Try to use special permission from Unit:
acts_as_attachable :view_permission => :view_unit
Related
I am using the Public Activity Gem to track post for my app. Out of the box Public Activity gives me a ActivitiesController. I want to convert this controller to an API Controller so that I can make request to it from a mobile app. Below is the code I'm currently using. How can I rewrite the controller.
class ActivitiesController < ApplicationController
before_action :authenticate_user!
def index
#activities = PublicActivity::Activity.order("created_at desc")
end
end
class Api::V1::ActivitiesController < Api::BaseController
respond_to :json
def index
#activities = PublicActivity::Activity.order("created_at desc")
return render json: {message: "Activity Success"}
end
end
Rails.application.routes.draw do
namespace :api do
scope module: :v1 do
# devise_scope :api_v1_user do
resources :users, :only => [:show, :create, :update, :destroy]
# devise_for :users, :controllers => {passwords: 'api/v1/passwords'}
resources :activities, :only => [:index]
# end
end
end
Take a look here:
http://edgeguides.rubyonrails.org/api_app.html#creating-a-new-application
Focus on the "render json:" parts...
I'm trying to use the link_to helper function to create a new order for a particular product. Here is my:
product model
class Product < ActiveRecord::Base
has_many :orders
end
routes.rb
resources :products, :only => [:show, :new, :create, :index, :update, :destroy] do
resources :orders, :only => [:create]
end
view for product/show.html.erb
<%= link_to 'New Order', new_product_orders_path(#product) %>
controller for orders
class OrdersController < ApplicationController
def create
#order = Order.new
end
end
relevant rake routes:
product_orders POST /products/:product_id/orders(.:format) orders#create
But when I do that I get undefined method `new_product_orders_path'
Whats the correct way to do this in Rails 4?
In your routes add new action here
resources :orders, :only => [:create, :new]
Also your controller is missing new action, in your create action you need to save your record
class OrdersController < ApplicationController
before_filter :set_product
def new
#order = #product.orders.new
end
def create
#order = #product.orders.new(params[:order])
#order.save
end
private
def set_product
#product = Product.where("id =?", params[:product_id]).first
end
end
I think you need
resources :products, :only => [:show, :new, :create, :index, :update, :destroy] do
resources :orders, :only => [:create, :new]
end
You can also check your routes by typing '/rails/info/routes' at the end of your server path.
Currently I got the following code piece in SomethingController:
class SomethingController < ApplicationController
skip_filter :authenticate_user!, :only => [:new, :create, :edit, :update]
#...
#new
#create
#edit
#update
end
Currently: We wanted unauthenticated users to be able to create or update Something objects.
The problem: Due to the different nature of our mobile phone authentication, we want to restrict unauthenticated mobile phone user not to be able to use this controller actions before they sign in/up. Can we add some condition to the filter, like:
skip_filter :authenticate_user!, :only => [:new, :create, :edit, :update], :format=>:html
skip_filter :authenticate_user!, :only => [], :format=>:mobile
If that is not possible, what is the best practice? Is this acceptable?
def new
if current_user.nil?
#redirect to sign_in/up actions
end
#rest of the method
end
Skip the filter only for non mobile requests. Something like below.
class SomethingController < ApplicationController
skip_filter :authenticate_user!, :only => [:new, :create, :edit, :update], :unless => :mobile?
#...
#new
#create
#edit
#update
def mobile?
#implementation here depends on how you do the mobile detection
end
end
I am facing a weird problem
when I am trying to destroy active record it is giving this error.
AbstractController::ActionNotFound at /photos/6
The action 'destroy' could not be found for PhotosController
here is what my controller look like
class PhotosController < ApplicationController
before_filter :authenticate_user!
....
....
def delete
#photo = current_user.photos.find(params[:id])
#photo.destroy
redirect_to photos_path
end
and if I perform the same actions using console it is working fine(the record is getting deleted successfully ).
This is my routes file look like.
resources :photos, :only => [:index, :show, :new, :create] do
post 'upload', :on => :collection
end
I know I have not included :destroy in resources please suggest me how to insert :destroy action to delete photos
if you have resource of photo then action name should be destroy, not delete. and if not then please check your routes.
Seven default action that are generated by scaffolding are follow
index
new
edit
create
update
show
destroy # not delete
I am assuming you are using resources :photo.
The action should be destroy and not delete, as per the Rais Guide.
The seven default actions are: index, new, create, show, edit, update and destroy
def destroy
#photo = current_user.photos.find(params[:id])
#photo.destroy
redirect_to photos_path
end
You can also see the available routes by:
rake routes
EDIT
The problem is here: :only => [:index, :show, :new, :create], which is saying to rails: do not create destroy, edit or update routes.
To solve the problem, you can add destroy to it :only => [:index, :show, :new, :create, :destroy] or use :except instead: :except => [:edit, :update]
If you don't want to limitate the resources:
resources :photos do
post 'upload', :on => :collection
end
EDIT 2 - I don't really understand why you are trying to use delete instead of destroy, However, if you have a good reason for it:
resources :photos :only => [:index, :show, :new, :create] do
post 'upload', :on => :collection
get 'delete', :on => :member
end
In this way you will have the delete_photo_path, which can be used in your show view:
<%= link_to 'Delete', delete_photo_path(#photo) %>
Finally, the action delete should looks like:
def delete
#photo = Photo.find(params[:id])
#photo.destroy
redirect_to photos_path
end
(I'm french)
I've a problem with my Rails (3.2.11) application. When i set my routes with some nouns, it doesn't work !
I explain:
Way::Application.routes.draw do
scope(:path_names => { :new => "nouveau", :edit => "edition" }) do
scope "/admin" do
resources :news, except: [:show, :index], path: '/articles'
resources :users, except: [:show]
resources :pages, except: [:show]
resources :events, except: [:show, :index]
resources :projects, except: [:show,:index], path: '/projets'
resources :galleries, except: [:index, :show] do
resources :paintings, except: [:index, :show]
end
end
end
end
The resources :projects doesn't work when i set it to "/projets".
What doesn't work is: when i want to create a new project in my form, i click on submit, it simply redirect me to "/projets", without doing something !
But when i set the route to "/poneys" for example, it works ! I really don't understand.
Thanks for your help.
https://github.com/khcr/way
class ProjectsController < ApplicationController
def new
#project = Project.new
render layout: 'admin'
end
def create
#project = Project.new(params[:project])
if #project.save
flash[:success] = "Projet créé"
redirect_to project_path(#project)
else
render 'new', layout: 'admin'
end
end
end