I'm working on supporting users in my Rails app. There's no need for a user to even be aware that there are other users out there. I don't want to just use resources :users, because the routes that generates are these:
users GET /users users#index
POST /users users#create
new_user GET /users/new users#new
edit_user GET /users/:id/edit users#edit
user GET /users/:id users#show
PATCH /users/:id users#update
PUT /users/:id users#update
DELETE /users/:id users#destroy
(.:format) removed for improved readability.
You'd have to put the user id number in the URL, and that offers a chance for users to be aware that other users exist. I want these routes:
users GET /users users#index
POST /users users#create
new_user GET /users/new users#new
edit_user GET /users/me/edit users#edit
user GET /users/me users#show
PATCH /users/me users#update
PUT /users/me users#update
DELETE /users/me users#destroy
Yes. /users/me is the path of your user, and that's the only user path you can get at.
But the problem is defining these routes. Here's one idea:
resources :users, constraints: { id: 'me' }
And in the User model:
def to_param
'me'
end
But that seems too kludgy for me. Any better ideas?
With Singular Resources your are good to go ;-)
Define your routes like this:
# config/routes.rb
resources :users, only: [:index, :create, :new]
resource :user, path: '/users/me', only: [:show, :edit, :update, :destroy]
Your routes will be singular (/user) if you leave the path: option. Play around with the options ;-)
And your rake routes result should look like this:
Prefix Verb URI Pattern Controller#Action
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/me/edit(.:format) users#edit
user GET /users/me(.:format) users#show
PATCH /users/me(.:format) users#update
PUT /users/me(.:format) users#update
DELETE /users/me(.:format) users#destroy
You can also test the routes on the Rails console (rails c)
2.1.3 :001 > Rails.application.routes.url_helpers.user_path
=> "/users/me"
2.1.3 :002 > Rails.application.routes.url_helpers.edit_user_path
=> "/users/me/edit"
If you want, you can pluralize :user on the Singular Resources, but don't forget to set the as: option, her an example:
# config/routes.rb
resources :users, only: [:index, :create, :new]
resource :users, path: '/users/me', as: 'user', only: [:show, :edit, :update, :destroy]
Please take a look to the notes and warnings in the Rails guide! Here is an excerpt:
A long-standing bug prevents form_for from working automatically with singular resources. ...
Related
Rails routes create the 7 CRUD actions by default following REST.
resources :users
However, I have a confirm_destroy action that I use in almost every resource, because I have a lot of logic that goes on the confirmation page; it's not just a simple yes/no alert dialog.
resources :users do
get :confirm_destroy, on: :member
end
With 50+ resources, it gets tedious to write this out for each resource and my routes file is literally 3x longer because of this.
Is there any way to add an action to the standard 7 for the resources block such that
resources :users
would be the same as
resources :users do
get :confirm_destroy, on: :member
end
and I can use it in the routes as a standard action, ie:
resources :users, only: [:show, :confirm_destroy, :destroy]
resources :users, except: [:confirm_destroy]
While not quite as elegant as you might like, the Rails way would be to use a routing concern, as #dbugger suggested.
For example:
concern :confirmable do
get 'confirm_destroy', on: :member
end
resources :users, :widgets, concerns: :confirmable
$ rails routes
Prefix Verb URI Pattern Controller#Action
confirm_destroy_user GET /users/:id/confirm_destroy(.:format) users#confirm_destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
confirm_destroy_widget GET /widgets/:id/confirm_destroy(.:format) widgets#confirm_destroy
widgets GET /widgets(.:format) widgets#index
POST /widgets(.:format) widgets#create
new_widget GET /widgets/new(.:format) widgets#new
edit_widget GET /widgets/:id/edit(.:format) widgets#edit
widget GET /widgets/:id(.:format) widgets#show
PATCH /widgets/:id(.:format) widgets#update
PUT /widgets/:id(.:format) widgets#update
DELETE /widgets/:id(.:format) widgets#destroy
I have a controller in a name spaced controller/user directory, so its first line is
class User::BookingsController < ApplicationController
I have set the routes as follows
resources :users do
namespace :user do
resources :bookings
end
end
The path to index action is
user_user_bookings_path or
/users/:user_id/user/bookings(.:format)
which works fine, but the double user_user sounds like a Catch 22 joke. Is there a more elegant way to do this?
What would you like to achieve? You are namespacing under "user" after all. You can try options like as: nil, but I think this will be even funnier (user__bookings_path).
What you can do is write every route by hand, something like:
resources :users do
post 'bookings', to: 'user/bookings#create'
end
# => user_bookings_path, POST /users/:user_id/bookings
or if you want to preserve the URL
resources :users do
post '/user/bookings', to: 'user/bookings#create', as: 'bookings'
end
# => user_bookings_path, POST /users/:user_id/user/bookings
Try this
resources :users do
resources :bookings
end
According to the docs you can namespace your resource
by using the namespace block
namespace :api do
resources :users
end
this would give you those routes:
/api/users [GET, POST]
/api/users/:id [GET, PUT, DELETE]
However you want to nest the resource within another resource (docs) you would do this:
resources :users do
resources :bookings
end
Which would result in these routes:
/users/:user_id/bookings [GET, POST]
/users/:user_id/bookings/:id [GET, PUT, DELETE]
Because you have your controller scoped under User you have to set the user scope like this:
resources :users do
resources :bookings, module: :user
end
Which results in those routes:
➜ playground rake routes
Prefix Verb URI Pattern Controller#Action
user_bookings GET /users/:user_id/bookings(.:format) user/bookings#index
POST /users/:user_id/bookings(.:format) user/bookings#create
new_user_booking GET /users/:user_id/bookings/new(.:format) user/bookings#new
edit_user_booking GET /users/:user_id/bookings/:id/edit(.:format) user/bookings#edit
user_booking GET /users/:user_id/bookings/:id(.:format) user/bookings#show
PATCH /users/:user_id/bookings/:id(.:format) user/bookings#update
PUT /users/:user_id/bookings/:id(.:format) user/bookings#update
DELETE /users/:user_id/bookings/:id(.:format) user/bookings#destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
I have an issue regarding shallow routing in rails. I have a set of routes nested 3 levels users have many portfolios have many displays. What i want to do is have a shallow route for my portfolios, but have verbose routing for displays. I've tried passing shallow: false but that doesnt seem to do anything
# config/routes.rb
resources :users do
resources :portfolios, shallow: true do
resources :displays #shallow: false
end
end
for my users and portfolios, this works the way i want
#users routes
/users #index
/users/:id #show
#portfolios routes
/users/:user_id/portfolios #index
/portfolios/:id #show
however, from here i want verbose displays keyed off the shallow portfolio
#desired display routes
/portfolios/:portfolio_id/displays #index
/portfolios/:portfolio_id/displays/:id #show
#actual display routes
/portfolios/:portfolio_id/displays #index
/displays/:id #show
Is there a way to utilize the shallow configuration in this way?
Rails.application.routes.draw do
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
resources :users do
resources :portfolios, shallow: true
end
resources :users, only: [] do
resources :portfolios, only: [] do
resources :displays
end
end
end
Here are the routes
Prefix Verb URI Pattern Controller#Action
user_portfolios GET /users/:user_id/portfolios(.:format) portfolios#index
POST /users/:user_id/portfolios(.:format) portfolios#create
new_user_portfolio GET /users/:user_id/portfolios/new(.:format) portfolios#new
edit_portfolio GET /portfolios/:id/edit(.:format) portfolios#edit
portfolio GET /portfolios/:id(.:format) portfolios#show
PATCH /portfolios/:id(.:format) portfolios#update
PUT /portfolios/:id(.:format) portfolios#update
DELETE /portfolios/:id(.:format) portfolios#destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
user_portfolio_displays GET /users/:user_id/portfolios/:portfolio_id/displays(.:format) displays#index
POST /users/:user_id/portfolios/:portfolio_id/displays(.:format) displays#create
new_user_portfolio_display GET /users/:user_id/portfolios/:portfolio_id/displays/new(.:format) displays#new
edit_user_portfolio_display GET /users/:user_id/portfolios/:portfolio_id/displays/:id/edit(.:format) displays#edit
user_portfolio_display GET /users/:user_id/portfolios/:portfolio_id/displays/:id(.:format) displays#show
PATCH /users/:user_id/portfolios/:portfolio_id/displays/:id(.:format) displays#update
PUT /users/:user_id/portfolios/:portfolio_id/displays/:id(.:format) displays#update
DELETE /users/:user_id/portfolios/:portfolio_id/displays/:id(.:format) displays#destroy
I am coding a website, that have no legit option for editing users.
Once created, nothing can be changed.
And here is my question:
Is it possible to change users data (for example by sending patch requests) without using edit form (because I did not create one), by 3rd party (a.k.a. not host)?
As Rails 5 requires, I am using strong params (sending user name and password when creating user by signup form).
#routes
Prefix Verb URI Pattern Controller#Action
root GET / sessions#new
signup GET /signup(.:format) users#new
POST /signup(.:format) users#create
login GET /login(.:format) sessions#new
POST /login(.:format) sessions#create
logout DELETE /logout(.:format) sessions#destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
Should also mention that there is no update method, but I am using
resources :users
For third party access to your db you probably need an API.
Simplified example:
You app's URL is https://myapp.example.com/.
config/routes.rb:
namespace :api do
namespace :v1 do
resources :users, only: [:update]
end
end
rake routes:
Prefix Verb URI Pattern Controller#Action
api_v1_user PATCH /api/v1/users/:id(.:format) api/v1/users#update
PUT /api/v1/users/:id(.:format) api/v1/users#update
app/controllers/api/v1/base_controller.rb:
class Api::V1::BaseController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
protect_from_forgery with: :null_session
end
app/controllers/api/v1/users_controller.rb:
class Api::V1::UsersController < Api::V1::BaseController
def update
# check params, maybe look for some security tokens
user = User.find(params[:id])
if user
user.update_attribute(:name, params[:name])
render plain: "success" and return
else
render plain: "failure" and return
end
end
end
Then request like this
curl -X PATCH https://myapp.example.com/api/v1/users/1?name=new_name
would change users' with id = 1 name by "new_name".
For proper API desing you may check http://jsonapi.org/.
Lets say I have an UsersController that contains an action #new. In my routes file I map with the following:
match 'signup', to: 'users#new'
This action can now be accessed by both /signup and /users/new. How do I restrict it to only the custom route.
I apologize if this has been answered, but am new to this. I've searched, but haven't found the answer. Possibly due to my not knowing how to concisely phrase this.
You can exempt the new route from the users resource, and replace it with your custom route:
resources :users, except: [:new]
get 'signup', to: 'users#new', as: "new_user"
Resulting in:
users GET /users(.:format) users#index
POST /users(.:format) users#create
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
new_user GET /signup(.:format) users#new