How do I make it so when a user logs in the log in button is changed to their email in the nav bar
class SessionsController < ApplicationController
def new
end
def create
#guestaccount = Guestaccount.find_by_email(params[:session][:email])
if #guestaccount && #guestaccount.authenticate(params[:session][:password])
session[:guestaccount_id] = #guestaccount.id
redirect_to '/guest?'
else
flash.now[:danger] = "Invalid email/password combination"
render 'new'
end
end
def destroy
session[:guestaccount_id] = nil
redirect_to '/guest?'
end
end
this is my nav bar
<%= button_to "Returning Guest ", guestlogin_path, :method => "get", class: "button round success" %>
<% if session[:guestaccount_id] %>
<%= Guestaccount.find(session[:guestaccount_id]).email %>
<% else %>
<%= button_to "Returning Guest ", guestlogin_path, :method => "get", class: "button round success" %>
<% end %>
Will do it. Feel free to adjust styling and content within the if/else blocks. If you have a current_user, current_guestaccount, or similar method, I would use that instead of the session and .find call.
You can define a current_guestaccount method in your ApplicationController:
class ApplicationController < ...
# Use this before internal/non-request (index/show/create/etc) controller methods
protected
# Usable in your controllers. E.g. authentication, loading associated data.
def current_guestaccount
# Return nil if the session value isn't set, don't query the DB
return nil unless session[:guestaccount_id]
# #x ||= y
# will make y run only once if it returns a successful value,
# essentially caching it for the entire request
#current_guestaccount ||= Guestaccount.find(session[:guestaccount_id])
end
# This makes current_guestaccount, a controller method, accessible in your views.
helper_method :current_guestaccount
end
Then, in your view you can use
<% if current_guestaccount %>
<%= current_guestaccount.email %>
<% else %>
<%= button_to "Returning Guest ", guestlogin_path, :method => "get", class: "button round success" %>
<% end %>
Which will use 1 SELECT query for the whole request instead of multiple. You can also use classes and HTML nodes within your view:
<% if current_guestaccount %>
<span class="guest-email"><%= current_guestaccount.email %></span>
<% else %>
<%= button_to "Returning Guest ", guestlogin_path, :method => "get", class: "button round success" %>
<% end %>
To adjust the styling later with CSS.
Similar to what Benjamin Mann's said, however please do not put ORM queries in the view template...
If the user is logged user should be stored in the controller.
<% if current_user %>
<%= current_user.email %>
<% else %>
<%= button_to "Returning Guest ", guestlogin_path, :method => "get", class: "button round success" %>
<% end>
Related
Sort of new in rails so i might be doing things the wrong way
show.html.erb:
<% #feature.each do |p| %>
<br>
<h1><%= p.name %></h1>
<%= p.unit_price %>
<%= render partial: "shared/featureuse_form", locals: {feat_use: #feat_use , feature: p} %>
<%= button_to'Change' , feature_use_path(1) , :class => 'btn btn-primary' ,method: :delete %>
<% end %>
Right here in feature_use_path how do i get an id to pass it in order to make a delete button as i havent even created the model yet or its saved in its own controller should
_featureuse_form.html.erb:
<%= form_with model: feat_use do |f| %>
<%= f.number_field :total_units ,value: feature.max_unit_limit %>
<%= f.hidden_field :feature_id, value: feature.id %>
<%= f.hidden_field :usage_id, value: current_user.usage.id %>
<%= f.submit "confirm", id: "button"%>
<% end %>
Plans Controller
class PlansController < ApplicationController
before_action :authenticate_user!
def index
#plan = Plan.all
end
def show
#plan = Plan.find(params[:id])
#feature = #plan.features
#feat_use = FeatureUse.new
end
end
class FeatureUsesController < ApplicationController
def create
feature_use = FeatureUse.new(feature_use_params)
feature_use.total_units = params[:feature_use][:total_units]
feature_use.feature_id = params[:feature_use][:feature_id]
user = current_user.usage
feature_use.usage_id = user.id
feature_use.save
end
end
You're right that you can't create a button (method: :delete or otherwise) that relies on a record that doesn't yet exist.
Usually, a button like this would only be relevant to existing records anyway.
So, it's common to see an if statement like this:
<% if #feature_use.persisted? %>
<%= button_to 'Change' , feature_use_path(#feature_use.id) , :class => 'btn btn-primary', method: :delete %>
<% end %>
.persisted? returns false if the record is new and un-saved.
I am trying to create a search page that searches through the model courses. Courses has a "name" column that lists the names of courses. I created a search controller and this is what I have on my search controller:
class SearchController < ApplicationController
def search
if params[:search].blank?
redirect_to(root_path, alert: "Empty field!") and return
else
#parameter = params[:search].downcase
#results = Courses.all.where("lower(name) LIKE :search", search: #parameter)
end
end
def show
render 'search'
end
end
I have under views/search a search.html.erb page. On this page I have
<%= form_tag(search_path, :method => "get",
class: 'navbar-form navbar-left') do %>
<div class="input-group">
<%= search_field_tag :search, params[:search], placeholder: "Search", class: "form-control" %>
<div class="input-group-btn">
<%= button_tag "", :class => 'btn btn-info glyphicon glyphicon-search',:name => nil%>
</div>
</div>
<% end %>
<h3>Search Result</h3>
<% #results.each do |result| %>
<%= result.name %><br>
<% end %>
However, I am getting the following error when I run my rails server and click on search and I am not sure why #results is null. Thanks for the help!
11: <h3>Search Result</h3>
12:
13: <% #results.each do |result| %>
14: <%= result.name %><br>
15: <% end %>
When the form provided in app/views/search/search.html.erb is submitted, the request is sent to show action by default. But the show action just renders the search view, no #results is assigned and the error occurs.
The search action seems unnecessary and you should use the show action instead. For example, rename app/views/search/search.html.erb to app/views/search/show.html.erb and move the search code to show action as below:
app/controllers/search_controller.rb
class SearchController < ApplicationController
def show
if params[:search].blank?
redirect_to(root_path, alert: "Empty field!")
else
#parameter = params[:search].downcase
#results = Courses.all.where("lower(name) LIKE :search", search: #parameter)
end
end
end
I created a button where users can input stuff in a field and then press the button to update the database (put request) which can be seen here in show.html.erb:
<% provide(:title, #user.name) %>
<div class="row">
<aside class="col-md-4">
<section class="user_info">
<h1>
<%= gravatar_for #user %>
<%= #user.name %>
<br>
<%= #user.email %>
<% if #errors %>
<p>THE FORM COULD NOT BE SAVED </p>
<ul id='errors'>
<% #errors.each do |error| %>
<li><%= error %></li>
<% end %>
</ul>
<% end %>
<br>
<% if is_admin? %>
<% if !#user.admin %>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<%= form_for(#user) do |f| %>
<%= f.label :wistia_project_id %>
<%= f.text_field :wistia_project_id, class: 'form-control' %>
<%= f.submit "Save", :action => "set_wistia_project_ID", :method => :patch, :form_class => "form-control" %>
<% end %>
</div>
</div>
<% end %>
<% end %>
</h1>
</section>
</aside>
</div>
The function is in user_controller.rb:
# Sets wistia_project_ID.
def set_wistia_project_ID
#user = User.find(params[:id])
#user.set_project_id
unless #user.valid?
#errors = #user.errors.full_messages
render :show
end
end
That function calls another function, just to separate things more clearly. This other function lives in user.rb:
# Sets the wistia_project_ID.
def set_project_id!(val)
self.wistia_project_ID = val # self is necessary here
save # or self.save, but the self is unnecessary here
end
My routes.rb:
.
.
.
resources :users do
member do
patch 'set_wistia_project_ID'
end
end
My problem is that right now, when you press the button, it says: Completed 500 Internal Server Error in 26ms (ActiveRecord: 0.7ms)
and
NoMethodError (undefined method `set_project_id' for #<User:0x000055b1a0914ab8>
2019-06-26T14:46:34.940086+00:00 app[web.1]: Did you mean? wistia_project_id):
Zavitoski got it right. I suggest, however, that you're doing a number of things more fundamentally wrong. Given that you're early in your rails journey, I hope you don't mind if I point a few things out.
First, and to be nit-picky, yes, you created a button. But, it is not a button "where users can input stuff in a field and then press the button to update the database". You created a button on a form. And you created a field on that form. The user can input stuff into the field. And when clicked, the button submits the form which includes the information in the field.
Now, on that form, you did:
<%= form_for(#user) do |f| %>
<%= f.label :wistia_project_id %>
<%= f.text_field :wistia_project_id, class: 'form-control' %>
<%= f.submit "Save", :action => "set_wistia_project_ID", :method => :patch, :form_class => "form-control" %>
<% end %>
There are a few things wrong with:
:action => "set_wistia_project_ID"
First, set_wisteria_project_ID is not a very ruby-ish action name. set_wistia_project_id would be more like it. Also, you're using old-form key-value formatting. And, you can use a symbol instead of a string for your action name so your code is prettier. Something, perhaps, like:
<%= f.submit "Save", action: :set_wistia_project_id, method: :patch, form_class: "form-control" %>
But, that's a mistake, too. Because you don't need a set_wistia_project_id action. (It's an action or a method, not a function.) You already have the update action. And form_for is smart enough to submit to this action if #user is an instance of User. So, really, you should do:
<%= form_for #user do |f| %>
<%= f.label :wistia_project_id %>
<%= f.text_field :wistia_project_id, class: 'form-control' %>
<%= f.submit "Save", form_class: "form-control" %>
<% end %>
I'm not sure what form_class is, but I'll trust that it's correct.
Now, in your UsersController, just do:
class UsersController < ApplicationController
def update
#user = User.find(params[:id])
if user.update(user_params)
# do something successful
else
# do something unsuccessful
end
end
private
def user_params
# NOTE: You'll probably want to permit other stuff here, too.
params.require(:user).permit(:wistia_project_id)
end
end
Get rid of this:
class User < ApplicationRecord
# Sets the wistia_project_ID.
def set_project_id!(val)
self.wistia_project_ID = val # self is necessary here
save # or self.save, but the self is unnecessary here
end
end
Because you're just duplicating the update method. And, you probably want that attribute to be wistia_project_id, not wistia_project_ID. (Again, you never see _ID as the suffix in rails core and you might as well be conventional.) And, if you make sure you have your association set up correctly, ActiveRecord should make sure that wistia_project_id is actually a valid value.
And write your routes.rb like this:
resources :users
Because you don't need all that set_wistia_project_id business.
It appears that you are not calling the function by the name you defined, neither passing the parameter (project_id) needed.
def set_wistia_project_ID
#user = User.find(params[:id])
#user.set_project_id!(params[:wistia_project_id])
unless #user.valid?
#errors = #user.errors.full_messages
render :show
end
end
This should use the function you created and pass the parameter from the form.
I am trying to setup so that users will get a "not authorized" message if they click edit for a profile that is not theirs. This message should of course not appear for admins since admins can edit all profiles. I previously done this on Permission.rb, however I got rid of the file to go with a more basic user roles/authorization.
I don't see how I can implement what I had previously on Permission.rb for my current files. I have tried some solutions but they don't add up. If someone could point me in the right direction that will be great. Also I am doing this all from scratch, user authentication/authorization.
index.html.erb:
<% #users.each do |user| %>
<li>
<% if current_user.admin? || current_user == #user %>
<% end %>
<%= link_to "Edit #{user} profile", user %>
| <%= link_to "delete", user, method: :delete,
data: { confirm: "You sure?"} %>
</li>
<% end %>
Why are you giving the chance for users to edit other peoples profiles?
First, you should have a if statement in your view where you show the link for the edit page. I guess this is showing up on a profile of every user, so i suppose the code in your controller is something like this:
def show
#user = User.find(params[:id])
end
Then in your view you should have something like this:
<% if current_user.admin? || current_user == #user %>
<%= link_to 'Edit Profile' , edit_user_path(#user) %>
<% end %>
There is also a case if someone tries to 'force' their way in, just like trying to type a url www.yourapplication.com/users/6/edit you could write a before_filter method in your controller:
before_filter :check_privileges, only => [:edit, :update]
and then write a method in called check_privileges
def check_privileges
unless current_user.admin? || current_user.id == params[:id]
flash[:warning] = 'not authorized!'
redirect_to root_path
end
end
EDIT: After the questioner edited his code, i'm showing the mistake:
You are putting the end too soon:
<% #users.each do |user| %>
<li>
<%= link_to user.name, user %>
<% if current_user.admin? || current_user == #user %>
<%= link_to "Edit #{user} profile", user %>
| <%= link_to "delete", user, method: :delete,
data: { confirm: "You sure?"} %>
<% end %>
</li>
<% end %>
On every page we have a condition like this for guest user.
<% if not_guest? %>
<% link_to "show", path %>
<% end %>
<% if not_guest? %>
<% link_to "delete", path %>
<% end %>
<% if not_guest? %>
<% link_to "edit", path %>
<% end %>
for which link should appear or not for guest user.
Are there any better ways to handle this scenario instead of writing the conditions for every link ?
Make a helper:
#helpers/application_helper.rb
def link_to_unless_guest(*args)
if not_guest
link_to(*args)
end
end
Then call like
<% link_to_unless_guest "show", path %>
def link_to_editable(*args)
options = args.extract_options![:parent]
html_tag = options.nil? ? nil : options.delete(:html_tag)
if not_guest
unless html_tag.nil?
content_tag html_tag,options do
link_to(*args)
end
else
link_to(*args)
end
end
end
<%= link_to_editable 'Show', path,:parent => {:html_tag => "li",:style => "border-top:1px solid #A2A2A2;",:class => "left"} %>
<%= link_to_editable 'Show', path %>
Modified helper which is provided by #Max as per my need.