I followed Railscast #393 to implement guest users into my application. The only problem I'm having with this approach is that it requires the user to still click a button to create the user (albeit without signing up). My goal is to have this occur automatically, but without happening every time the page is reloaded or visited again. I'm at a loss on how to go about this.
user_controller.rb
class UsersController < ApplicationController
def new
#user = User.new
end
def create
#user = params[:user] ? User.new(params[:user]) : User.new_guest
if #user.save
current_user.move_to(#user) if current_user && current_user.guest?
session[:user_id] = #user.id
redirect_to root_url
else
render "new"
end
end
end
user.rb
class User < ActiveRecord::Base
attr_accessible :name, :provider, :uid, :email
has_many :posts, :dependent => :destroy
has_many :comments, :dependent => :destroy
def self.new_guest
new { |u| u.guest = true }
end
def move_to(user)
posts.update_all(user_id: user.id)
comments.update_all(user_id: user.id)
end
end
application.html.erb
<ul>
<li><%= button_to "Try it for free!", users_path, method: :post %></li>
</ul>
I can provide any additional information necessary to help answer this question.
You could potentially handle this in a before_filter, but you'd want to consider that you'd be creating a new guest user any time that anyone or anything (Google bot, for instance) requests a page from your site without an existing session. Requiring some sort of user action to kick it off is probably a good thing. That being said, if you really wanted to do it you could do something like this in your ApplicationController:
before_filter :create_guest_if_needed
def create_guest_if_needed
return if session[:user_id] # already logged in, don't need to create another one
#user = User.new_guest
#user.save
session[:user_id] = #user.id
# do anything else you need here...
end
Related
I'm building an events app with users who will each have a personal profile. I've set up a few users for the site but when I try and create and/or edit a profile for each user it refers me back to a flash message "That profile doesn't belong to you!" which is in reference to my first user profile which was set up and works fine.
I'm using Devise gem for initial set up but have built out from their with my own user controller. Here's the code from that controller -
class UsersController < ApplicationController
before_action :authenticate_user!
before_action :set_user
before_action :owned_profile, only: [:edit, :update]
def new
#user = User.new
end
def show
#user = User.find(params[:id])
end
def create
end
def edit
#user = current_user #User.find_by(params[:id])
end
def update
#user = User.find_by(params[:id])
if #user.update(user_params)
redirect_to user_path, notice: "Profile successfully updated!"
else
render 'edit'
end
end
private
def user_params
params.require(:user).
permit(:name, :username, :biography, :email, :url)
end
def owned_profile
unless current_user == #user
flash[:alert] = "That profile doesn't belong to you!"
redirect_to root_path
end
end
def set_user
#user = User.find_by(params[:id])
end
end
Any assistance would be appreciated.
I would create an admin. An easy way to do this is to add a column to your users table called admin and make it a boolean. Migrate the db.
Then check to whether a user is an admin before running the owned_profile method. In that method, change: unless current_user == #user to
unless current_user == #user || current_user.admin
Then set yourself as an admin in the console, save and then freely add profiles without that callback running.
If the issue is that Users are not able to edit their own profile, then I believe it is caused by the use of find_by within set_user:
#user = User.find_by(params[:id])
Should be:
#user = User.find(params[:id])
If you truly wanted to use find_by you could do:
#user = User.find_by_id(params[:id])
Or
#user = User.find_by(id: params[:id])
Find_by used as the 2 examples above will not throw an error if a User is not found, while find will.
Sidenote: You can remove the #user assignment within the show action.
You can do it by this way.
When user signing up, automatically creates profile. Good point of this ID of user and profile tables will be the same.
rails g model profile first_name last_name email
rails g migration add_user_id_to_profiles user_id:integer
Profile.rb
belongs_to :user
User.rb
has_one :profile, dependent: :destroy
before_create :set_profile
def set_profile
build_profile(id: self.id, user_id: self.id, email: self.email)
end
GoodLuck.
I've got an app where users can add an organisation to their account. I want them to be able to edit their organization, and protect it from being edited by any other user. it looks like this
class OrganizationsController < ApplicationController
before_action :correct_user, only: [:edit, :update, :destroy]
private
def correct_user
#organization = current_user.organization.find_by_id(params[:id])
redirect_to root_url if #organization.nil?
end
end
models
class Organization < ActiveRecord::Base
belongs_to :user
validates :user_id, presence: true
end
class User < ActiveRecord::Base
has_one :organization
end
Through Rspec I can find a record for current_user.organization. However when i call current_user.organization.find_by I receive a undefined method 'find_by'.
Can't figure out what i'm doing wrong here.
If organization is a single record, it will not respond to find_by.
Also, you're checking if organization is nil after calling a method on it. At this time it is too late. If it is nil, and you try to call find_by on it, you'll get a NoMethodError.
Instead try this:
def correct_user
if current_user.organization && current_user.organization.id == params[:id].to_i
#organization = current_user.organization
else
redirect_to root_url
end
end
As soon as the relation between Organization and User is one-to-one, you don't need to call find. #organization = current_user.organization is enough.
Sorry about my answer before. I have revised into this.
def correct_user
#organization = Organization.find_by(id: params[:id])
if current_user.id != #organization.user_id
redirect_to root_url
end
end
When current user is not owner of organization will be redirected to root_url.
An efficient way to handle this is to implement the correct_user method in the Organization controller as follows.
# Confirms the correct user.
def correct_user
#user = User.find(params[:user_id])
redirect_to(root_url) unless current_user?(#user)
end
Debug helper
Add this in your controller to see the contents of the hash at run time
flash[:info] = "Hash: #{params}"
I have this app where a user can write a review for a school. A user must sign in with Facebook to save a review. The problem is if a user is unsigned and writes a review, then signs in with Facebook they have to write the same review again.
I am trying to fix this by storing the review data form in sessions, but I cant quite make it work.
What is the proper rails way to do this?
ReviewForm:
<%= form_for [#school, Review.new] do |f| %>
<%= f.text_area :content %>
<% if current_user %>
<%= f.submit 'Save my review', :class => "btn" %>
<% else %>
<%= f.submit 'Save my review and sign me into facebook', :class => "btn" %>
<% end %>
<%end %>
ReviewController
class ReviewsController < ApplicationController
before_filter :signed_in_user, only: [:create, :destroy]
def create
#school = School.find(params[:school_id])
#review = #school.reviews.new(params[:review])
#review.user_id = current_user.id
if #review.save
redirect_to #review.school, notice: "Review has been created."
else
render :new
end
end
def new
#school = School.find_by_id(params[:school_id])
#review = Review.new
end
def save_review(school, review, rating)
Review.create(:content => review, :school_id => school,
:user_id => current_user, :rating => rating)
end
private
def signed_in?
!current_user.nil?
end
def signed_in_user
unless signed_in?
# Save review data into sessions
session[:school] = School.find(params[:school_id])
session[:review] = params[:review]
session[:rating] = params[:rating]
# Login the user to facebook
redirect_to "/auth/facebook"
# After login save review data for user
save_review(session[:school], session[:review], session[:rating])
end
end
end
My understanding is that it's not "The Rails Way" to store things in the session besides really tiny stuff like a user token, etc. You can read more about that idea in The Rails 3 Way by Obie Fernandez.
I would recommend that you store reviews in the database right from the start and only "surface" the review after the review has been connected to a Facebook-authenticated user. If you have any curiosities regarding how to accomplish that, I'm happy to elaborate.
Edit: here's a little sample code. First I'd take care of associating users with reviews, for "permanent" storage. You could just add a user_id to the review table, but it would probably be null most of the time, and that seems sloppy to me:
$ rails g model UserReview review_id:references, user_id:references
Then I'd create a user_session_review table with a review_id and a user_session_token. This is for "temporary" storage:
$ rails g model UserSessionReview review_id:integer, user_session_token:string
Then when a user signs up, associate any "temporary" reviews with that user:
class User
has_many :user_reviews
has_many :reviews, through: :user_reviews
has_many :user_session_reviews
def associate_reviews_from_token(user_session_token)
temp_reviews = UserSessionReview.find_all_by_user_session_token(user_session_token)
temp_reviews.each do |temp_review|
user_reviews.create!(review_id: temp_review.review_id)
temp_review.destroy
end
end
end
So in your controller, you might do
class UsersController < ApplicationController
def create
# some stuff
#user.associate_reviews_from_token(cookies[:user_session_token])
end
end
You'll of course have to read between the lines a little bit, but I think that should get you going.
Edit 2: To delete old abandoned reviews, I'd do something like this:
class UserSessionReview
scope :old, -> { where('created_at < ?', Time.zone.now - 1.month) }
end
Then, in a cron job:
UserSessionReview.old.destroy_all
You should save the review in the create sessions action (which is not included in your question). Assuming you are using omniauth, you can add something on the action that handles the callback
# review controller
def signed_in_user
unless signed_in?
# Save review data into sessions
session[:school] = School.find(params[:school_id])
session[:review] = params[:review]
session[:rating] = params[:rating]
# Login the user to facebook
redirect_to "/auth/facebook"
end
end
# callback to login the user
def handle_callback
# do your thing here to login the user
# once you have the user logged in
if signed_in?
if session[:school] && session[:review] && session[:rating] # or just 1 check
Review.create(
content: session.delete(:review),
school_id: session.delete(:school),
user_id: current_user.id,
rating: session.delete(:rating)
)
#redirect_to somewhere
end
end
end
I used delete so the session will be cleared of these values.
UPDATE: since you're using a session controller
class SessionsController < ApplicationController
def create
if user = User.from_omniauth(env["omniauth.auth"])
session[:user_id] = user.id
if session[:school] && session[:review] && session[:rating] # or just 1 check
review = Review.new
review.content = session.delete(:review)
review.school_id = session.delete(:school)
review.user_id = user.id
review.rating = session.delete(:rating)
review.save
end
end
redirect_to :back
end
I would like to access "profiles" table from my Profile model which belongs_to :user "User model".
Firstly in my show action of the users_controller I'd like to grab data from the profiles table in order to show on the users profile page.
Secondly I'd like to make it possible for users to edit these things using a form. I know this is done in the update action? while edit action makes it possible to show a form on the edit view page..
Here is my controller:
class UsersController < ApplicationController
def new
#user = User.new
#title = "Practice"
end
def create
#user = User.new(params[:user])
respond_to do |format|
if #user.save
#user.build_profile.save #same as Profile.new(:user_id => #user.id)
login #user
UserMailer.join_confirmation(#user).deliver
format.js { render :js => "window.location = '#{root_path}'" }
flash[:notice] = "Welcome!"
else
format.js { render :form_errors }
end
end
end
def show
end
def update
end
def edit
end
end
1) How would I access my profiles table?
The User has_one :profile
The Profile belongs_to :user
Advice will be appreciated. Took me half of the day to figure out how to have a row corresponding to a newly created user at sign up created in the profiles table and now the next step is to be able to grab data from the model in my users_controller. i know I could just create a profiles_controller and do things there but I don't want to attempt that right now as I'm sure there's a way to do it via the users_controller.
Thanks in advance for advice given.
View:
<%= #profile_data.first_name %>
<h4><%= current_user.username.capitalize %></h4>
<%= gravatar_image_tag(current_user.email, :alt => #title, :class => "gravatar", :gravatar => { :size => 150 }) %>
<br />
Trying to pull first_name from profiles table through users_controller
def show
#user = User.find_by_username(params[:username])
#profile_data = #user.profile
end
route:
match ':username' => "users#show"
I expect to see the name stored in first_name column of the profiles table when i visit localhost:3000/username
it doesn't show the users first name.
You can just do:
#user.profile
That will return the profile belonging to the User
Otherwise:
Profile.where('whatever condition you fancy')
will return A profile object based on conditions
You want a has_one:profile on the User model, and a belongs_to:user on the Profile model, making sure you have the appropriate user_id column in the profiles table. Add accepts_nested_attributes_for:profile to the User model and then you can create/edit the user's profile in the same form for editing users.
Read up on the rails release notes on nested attributes and guides: associations and forms.
I'm trying to create a mailer that sends out an email whenever a user signs up. Pretty simple but I'm new to rails.
I have a site that already creates the user. I have a login and sign up page that works correctly, but need some help creating a mailer that sends out an email confirmation link and possibly an option to send out these emails without the user signing up like make a separate page for user invitations.
I've generated a model invitation.rb
class Invitation < ActiveRecord::Base
belongs_to :sender, :class_name => 'User'
has_one :recipient, :class_name => 'User'
validates_presence_of :recipient_email
validate :recipient_is_not_registered
validate :sender_has_invitations, :if => :sender
before_create :generate_token
before_create :decrement_sender_count, :if => :sender
private
def recipient_is_not_registered
errors.add :recipient_email, 'is already registered' if User.find_by_email(recipient_email)
end
def sender_has_invitations
unless sender.invitation_limit > 0
errors.add_to_base 'You have reached your limit of invitations to send.'
end
end
def generate_token
self.token = Digest::SHA1.hexdigest([Time.now, rand].join)
end
def decrement_sender_count
sender.decrement! :invitation_limit
end
#attr_accessible :sender_id, :recipient_email, :token, :sent_at
end
and my invitiation_controller.rb
class InvitationsController < ApplicationController
def new
#invitation = Invitation.new
end
def create
#invitation = Invitation.new(params[:invitation])
#invitation.sender = current_user
if #invitation.save
if logged_in?
Mailer.deliver_invitation(#invitation, signup_url(#invitation.token))
flash[:notice] = "Thank you, invitation sent."
redirect_to projects_url
else
flash[:notice] = "Thank you, we will notify when we are ready."
redirect_to root_url
end
else
render :action => 'new'
end
end
end
What else do I need to edit? how do I hook this up to an already existing user signup and login that is working fine?
You should already have a UsersController or something like that for registration purposes, which you currently access through the signup_url named route. Suppose that this route is now something like:
http://localhost:3000/register/code_here
All you have to do now is check for the invitation in the controller action and process it accordingly like so:
def new
invite = Invite.find_by_token(params[:id]
if invite.nil?
redirect_to root_path, :notice => "Sorry, you need an invite to register"
end
#user = User.new(:email => invite.recipient_email)
end
def create
invite = Invite.find_by_token(params[:token]
if invite.nil?
redirect_to root_path, :notice => "Sorry, you need an invite to register"
end
begin
invite.nil.transaction do
invite.nil.destroy!
#user = User.create(params[:user)
end
redirect_to my_dashboard_path, :notice => "Yay!"
rescue ActiveRecord::RecordInvalid => invalid
render :new, :alert => "Validation errors"
end
end
Without the invite code, you will simply redirect to root page. You may want to DRY that check though. When someone uses the invite code, you may want to delete it from the database. I wrapped it up in a transaction, but this is up to you (creating the user may be more important).
If you want to create a page that allows users to create invitations without signing up, then simply don't add authentication to InvitationsController and update this snippet:
def create
#invitation = Invitation.new(params[:invitation])
#invitation.sender = current_user if logged_in?
if #invitation.save
Mailer.deliver_invitation(#invitation, signup_url(#invitation.token))
flash[:notice] = "Thank you, invitation sent."
if logged_in?
redirect_to projects_url
else
redirect_to root_url
end
else
render :action => 'new'
end
end
I'm not sure if I covered all the bases, but I think this should point you in the right direction at least.
I can not see where Mailer.deliver_invitation comes from, do you use a gem? would it help if you would create mailer.rb, do you have any error mgs/ stack trace?
Have a look here there are some guides, 5 Action Mailer Configuration
http://guides.rubyonrails.org/action_mailer_basics.html
Consider using devise for user authentication, https://github.com/plataformatec/devise
It is complex, but well documented and easy to configure to jump start.
I assume you are using Rails 3.1 (works also in earlier versions, just find the right guide to your Rails version, to be sure)