I can mark a post by using unread gem.
post = Post.first
post.mark_as_read! for: current_user
But I couldn't find how to "unread" the post that is marked as "read".
How can I make it?
If you take a look at the issues page for the gem on github you'll see that this has been brought up there. There doesn't seem to be an official way to do this with the gem; however, user firedev over on github put up his solution.
def mark_as_unread_except current_user
ReadMark.where(readable_type: self.class.class_name, readable_id: id).each(&:destroy!)
mark_as_read!(for: current_user)
end
This might be what you need. But take a look at the full page for commentary and ideas. As of now, there is no offical way to do this with the gem.
My working approach is:
post.read_mark(current_user).destroy!
Related
I'm running an e-commerce using Rails 2.3.8 and spree 0.11.0 (I'm also rebuilding the whole site with the latest rails/spree version but this problem I need to fix right away). I need to redirect the user to a customized view at the moment that the he enters the creditcard information. I have something like this inside my orders_extension.rb:
CheckoutsController.class_eval do
update.after :redirect_to_thank_you
def redirect_to_thank_you
redirect_to '/somewhere'
end
end
It actually goes through this action, but I want it to be the LAST action. It keeps doing more requests after my call.
Any help would be appreciated.
I think what you're looking for is a completion_route. You can see it being used here. Right now, it redirects to the Order show page. What I would do:
Spree::CheckoutsController.class_eval do
def completion_route(_custom_params = nil)
redirect_to main_app.order_processed_path
end
end
I'm looking into RoR some way to: login into the system with DEVISE, (it's working), but i'm needing something than keeps always the view of this logged user, and avoid than this user looks another views.
http://xx.xx.xx.xx:3000/user/1
And this user cannot look the content of:
http://xx.xx.xx.xx:3000/user/2.
Please, sorry if this is a silly question, but, i was looking 2 days and i don't know how i can name this feature.
Thanks!
There are gems available for this Authorization. I prefer can can which is one of the best Authorization gems available
Here is the gem=> https://github.com/ryanb/cancan
And here is the rails cast tutorial using it=> http://railscasts.com/episodes/192-authorization-with-cancan
EDIT: If you want to manually implement this then you just need to make a method with following logic
def check_authorization
# Assuming user ID is coming in params[:id]
if current_user.id == params[:id]
return
else
# render or redirect to some page with access denied message
end
end
And call this method just before any action in which you want to check for authorization.
I've been watching and reproducing these railscasts on my app: 196-nested-model-form-part-1 and 197-nested-model-form-part-2. I do not yet have a pro account so i can't watch the revised episode.
I'm developing under rails4 (edge) and link_to_function has been deprecated in favor of unobstrusive JS (which is great).
I'll keep the example of the above railscasts (i.e. survey/question).
What i'd like to do is to use the question's partial through unobstrusive javascript and i just don't know how and where i should do this.
I was thinking of two ways to do so :
First way would be to add in my app/assets/javascripts a file surveys.js with the function add_question but i don't see how i could use my partial from here.
Other way would be to create a new action in my SurveyController that would respond using the question partial but i'm bothered by the fact of having an action specific to questions in my survey controller.
I can't help to think there must be a better way to do this.
Did you know about remote links and forms? You can use a remote link here to accomplish what you want.
In your view:
link_to 'Add question', add_question_path(#survey), remote: true
In your controller
def add_question
#survey = Survey.find(params[:id])
respond_to do |format|
format.js #add_question.js.erb
end
end
The last step is to create a file app/views/surveys/add_question.js.erb
$('#my_survey').append('<%=j render partial: 'my_question_partial' %>')
Don't forget to create a route for your ask_question_path
For more info about remote links and forms see: http://tech.thereq.com/post/17243732577/rails-3-using-link-to-remote-true-with-jquery-ujs
I don't have a pro account on Railscasts either, but sometimes it is a good idea to have a look at Ryan's Github account. Oftentimes he develops gems to stuff he covered in his episodes. There you will find this awesome nested_form gem, which does exactly what you want.
Of course you can reinvent the wheel, but I think it is much easier and faster to use Ryan's gem. The documentation explains perfectly how to use it. Have fun!
ok, bear with me here, please.
i'm asking a question in which i'm not fully conversant of all the technical details, etc. (in other words, please take it easy on me for not being fully up on the par).
i've created a ROR application with Devise's gem ... it allows you to sign in, sign up, and log out.
it's very simple, and it just has a page in which you fill in your name, favorite hobby, & book. (hey, it's just an example)
i've also used their redirect code to go this page:
def after_sign_in_path_for(resource)
posts_path
end
the thing is that ... this page is public to everyone who logs in.
how do i redirect the user to their own page? and not see everyone's else "notes."
i've looked around ... and Devise has a link on sessions_controllers ...
do i use that? i don't fully understand the purpose of it.
if yes, how? still trying to figure out how all the puzzle pieces fit together, and it's hard to do that when you don't have full understanding of the topic itself.
or is there another way that's simpler?
if this question is too broad, please let me know ... but i'm not really quite sure how to break it down.
in essence, what i'm really asking is how do i have a user be directed to their own page and not see anyone else's page.
thanks in advance for any help/advice/pointers/etc.
First, let's assume your User model has_many :posts. In your PostsController index action (the default RESTful route would be posts_path) you can put something like this:
#posts = current_user.posts
and when visiting the index view you will only see the current user's posts.
That being said, you are not limited to the index view. You can customize any view you'd like and have a corresponding Controller action with declared instance variables which you can manipulate in your views.
Does that makes sense?
Try with:
def after_sign_in_path_for(user) # note: user or w/e your model is named
users_path(current_user)
end
I am currently building a Rails app, and trying to figure out the best way to authenticate that a user owns whatever data object they are trying to edit.
I already have an authentication system in place (restful-authentication), and I'm using a simple before_filter to make sure a user is logged in before they can reach certain areas of the website.
However, I'm not sure the best way to handle a user trying to edit a specific piece of data - for example lets say users on my site can own Books, and they can edit the properties of the book (title, author, pages, etc), but they should only be able to do this for Books that -they- own.
In my 'edit' method on the books controller I would have a find that only retrieved books owned by the current_user. However, if another user knew the id of the book, they could type in http://website.com/book/7/edit , and the controller would verify that they are logged in, then show the edit page for that book (seems to bypass the controller).
What is the best way to handle this? Is it more of a Rails convention routing issue that I don't understand (being able to go straight to the edit page), or should I be adding in a before_find, before_save, before_update, after_find etc callbacks to my model?
check out the following gems:
cancan
devise
authlogic
and don't miss Ryan's great railscasts on the above
this will give access to anyone who changes the value in the address bar
#book = Book.find(params[:id])
but if you go through the association of the logged on user rails (ActiveRecord) will automatically update the sql query
#book = current_user.books.find(params[:id])
of course this assumes that your books table has a user_id column
You may need an authorization plugin. I had some experience use this plugin a while back. This article also has an overview:
You might also take a look at Declarative Authorization
Hey I have recently done this myself. The easiest way to do this is to have the edit feature display on the page but incase it in a method such as the following:
<%if current_user %>
<% if current_user.id == wishlist.user_id %>
<div id="text3"><%= link_to 'Edit', edit_wishlist_path(#wishlist) %></div><br />
<%end%>
<%end%>
Is this what you were hoping for?