I am refactoring some older code and am trying to get a better grasp on the respond_with syntax...
Here is my controller:
class VideosController < ApplicationController
authorize_resource
before_filter :authenticate_user!
respond_to :json, :js, :html
def index
#video = Video.new(athlete_id: current_user.id, sport_id: current_athlete_sport.id)
#videos = current_user.videos_for_sport(current_athlete_sport).order("date DESC")
respond_with #videos
end
def create
#athlete = Athlete.find(params[:video][:athlete_id])
#video = Video.new(params[:video])
if #athlete.can_add_another_video? && #video.save
flash[:notice] = "Successfully created"
PandaWorker.perform_async(#video.id)
log_activity(#video.logging_information)
else
flash[:notice] = #video.errors.full_messages.to_sentence
end
respond_with #video, location: edit_videos_path
end
def update
#video = Video.find(params[:id])
#athlete = Athlete.find(#video.athlete_id)
update_featured = params[:video][:featured].eql?("1") && !current_user.featured_video.blank? && current_user.featured_video.id != #video.id
current_user.featured_video.update_attribute(:featured, false) if update_featured
if #video.update_attributes(params[:video])
flash[:notice] = "Successfully Updated!"
log_activity(#video.logging_information)
else
flash[:notice] = #video.errors.full_messages.to_sentence
end
respond_with #video, location: edit_videos_path do |format|
format.json { render json: { message: flash[:notice], reload: update_featured } }
end
end
def show
#video = Video.find(params[:id])
render layout: false
end
def destroy
#video = Video.find(params[:id])
#athlete = Athlete.find(#video.athlete_id)
if #video.destroy
flash[:notice] = 'Video was successfully destroyed'
log_activity(#video.logging_information)
else
flash[:notice] = 'There was a problem destroying that video'
end
respond_with #athlete, location: edit_videos_path
end
def rotate
#video = Video.find(params[:id])
#encoding = #video.encode(params[:direction])
if #video.update_attributes(thumbnail_url: #encoding.screenshots.first, mp4_video_url: #encoding.url)
flash[:notice] = "Your video was successfully rotated"
else
flash[:notice] = "There was a problem rotating that video"
end
respond_with #video, location: edit_videos_path
end
end
Just curious to know if I doing things the right way, more so in the update/create methods
It's really just a convenience when your controller can respond to a variety of format requests.
This is a pretty good article describing it.
Related
I'm currently working on rails 5 project in which I want to add a passenger to a transportation. In the in the passengers controller index action I set transportation to be search by the params id. But it returns nil even though it has been created.
Here are the routes:
user_protest_transportation_passengers GET /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers(.:format) passengers#index
POST /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers(.:format) passengers#create
new_user_protest_transportation_passenger GET /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/new(.:format) passengers#new
edit_user_protest_transportation_passenger GET /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/:id/edit(.:format) passengers#edit
user_protest_transportation_passenger GET /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/:id(.:format) passengers#show
PATCH /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/:id(.:format) passengers#update
PUT /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/:id(.:format) passengers#update
DELETE /users/:user_id/protests/:protest_id/transportations/:transportation_id/passengers/:id(.:format) passengers#destroy
user_protest_transportations GET /users/:user_id/protests/:protest_id/transportations(.:format) transportations#index
POST /users/:user_id/protests/:protest_id/transportations(.:format)
Here is the link:
<div class="card">
<div class="card-block">
<h3 class="card-title">Need A Ride?</h3>
<p class="card-text">Find people near you willing to share a seat who are coming to the event. We are all in this together!.</p>
<%= link_to 'Get A Ride', new_user_protest_transportation_passenger_path(#user, #protest, #transportation), class: "btn btn-primary" %>
</div>
</div>
Here is the passengers controller:
class PassengersController < ApplicationController
def index
#transportation = Transportation.find(params[:transportation_id])
end
def new
end
def create
#passenger = Passenger.new(passenger_params)
#user = User.find(current_user.id)
#transportation = Transportation.find(params[:transportation_id])
#driver = User.find(#transportation.transporter_id)
#protest = Protest.find(#transportation.destination_id)
#transportations = Transportation.where(destination_id: #protest.id)
has_ride = false
#transportations.each do |transportation|
passenger = Passenger.find_by user_id: current_user.id
unless (passenger.nil?)
has_ride = true
end
end
if has_ride
redirect_to protests_path, notice: "You already have a ride."
return
end
respond_to do |format|
if #passenger.save
format.html { redirect_to user_protest_transportation_passenger_path(id: #passenger.id), notice: 'Passenger was successfully created.' }
else
format.html { render :new }
end
end
end
def show
#driver = get_driver
if #driver
#transportation = Transportation.where(transporter_id: #driver.id).first!
#protest = Protest.find(#transportation.destination_id)
end
end
def edit
end
def update
end
def destroy
#passenger = Passenger.find_by(user_id: params[:user_id], transportation_id: params[:transportation_id])
if #passenger
#passenger.destroy
redirect_to user_protests_path, notice: 'Ride was canceled.'
else
redirect_to user_protest_transportations_path, notice: 'Error: the passenger record failed to delete.'
end
end
private
def get_driver
driver = nil
p = Passenger.find_by(user_id: current_user.id, transportation_id: params[:transportation_id])
t = Transportation.find(params[:transportation_id])
driver = User.find(t.transporter_id)
end
def passenger_params
params.permit(:user_id, :transportation_id)
end
end
I am trying to get the transportation id in the params, I tried find with session[transportation_id] but didn't seem to work.
protest controller:
class ProtestsController < ApplicationController
def index
#protests = Protest.all
end
def show
#protest = Protest.find(params[:id])
#user = current_user
end
def new
#protest = Protest.new
end
def edit
#protest = Protest.find(params[:id])
end
def create
#protest = Protest.new(protest_params)
#protest.creator = current_user
respond_to do |format|
if #protest.save
format.html { redirect_to #protest, notice: 'Protest was successfully created.' }
else
format.html { render :new }
end
end
end
def update
#protest = Protest.find(params[:id])
respond_to do |format|
if #protest.update(protest_params)
format.html { redirect_to #protest, notice: 'Protest was successfully updated.' }
else
format.html {render :edit }
end
end
end
def destroy
#protest = Protest.find(params[:id])
#protest.destroy
redirect_to protests_path
end
private
def protest_params
params.require(:protest).permit(:name, :description, :location, :starts_at, :creator, :image)
end
end
I'm implementing a website using Ruby on Rails. I have a trouble which I cannot create a new data and save to my model. The error i got is this which the error pointed to the #vpermits = current_user.vpermits.build(vpermit_params). Anyone have idea on what I have i done wrong?
NoMethodError in VisitorPermitsController#create
undefined method `vpermits' for #<User:0x9b7b478>
def create
#vpermits = current_user.vpermits.build(vpermit_params)
if #vpermits.save
redirect_to #vpermits
else
This is my visitor_permits_controller.rb
class VisitorPermitsController < ApplicationController
before_action :set_vpermit, only: [:destroy]
def index
#vpermits = VisitorPermit.where(:user_id => current_user.id)
end
def new
#vpermits = VisitorPermit.new
end
def create
#vpermits = current_user.vpermits.build(vpermit_params)
if #vpermits.save
redirect_to #vpermits
else
render 'new'
end
end
def destroy
VisitorPermit.destroy_all(user_id: current_user)
respond_to do |format|
format.html { redirect_to root_path, notice: 'Permit was successfully canceled.' }
format.json { head :no_content }
end
end
def show
#vpermits = VisitorPermit.find(params[:id])
end
def update
#vpermits = VisitorPermit.where(user_id: current_user).take
respond_to do |format|
if #vpermits.update(vpermit_params)
format.html { redirect_to root_path}
flash[:success] = "Permit successfully updated"
format.json { render :show, status: :ok, location: #user }
else
format.html { render :edit }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
def edit
#vpermits = VisitorPermit.find(params[:id])
end
private
# Use callbacks to share common setup or constraints between actions.
def set_vpermit
#vpermits = VisitorPermit.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def vpermit_params
params.require(:visitor_permit).permit(:vehicle_type, :name, :department, :carplate, :duration, :permitstart, :permitend)
end
end
From your code you might have association(has_many) between User and VistorPermit models. And you gave your model name as VistorPermit. So the
line of code for buliding should be like this:
#vpermits = current_user.vistor_permits.build(vpermit_params)
I know this was asked before but I double check and made sure that the other questions solutions didn't work for me but anyway, Users are able to edit other users. All you gotta do is change the value id in the address bar and it'll sign you directly into the persons account. I need this fixed and to redirect to their edit page. I've tried multiple things with no luck! I'm not using Devise.
Here is my users_controller.rb,
class UsersController < ApplicationController
before_action :set_user, only: [:edit, :update, :destroy]
before_action :correct_user, only: [:edit, ]
after_action :signed_in_after_register, only: :create
def index
#users = User.all
#user = User.find(session[:user_id])
end
def dashboard
#user = User.find(session[:user_id]) unless session[:user_id] == ""
redirect_to login_path, notice: "You're not logged in" unless #user
#posts = #user.posts.order("created_at DESC").limit(3)
#comment = Comment.new
#post = Post.new
end
def newsfeed
#user = User.find(session[:user_id]) unless session[:user_id] == nil
redirect_to login_path, notice: "You're not logged in" unless #user
#posts = #user.posts.order("created_at DESC").limit(3)
end
def nav
#user = User.find(session[:user_id])
end
def posts
#user = User.find(session[:user_id])
#posts = #user.posts
end
def destroy
#user = User.find(session[:user_id]) unless session[:user_id] == ""
redirect_to login_path, notice: "You're not logged in" unless #user
end
def welcome
#user = User.find(params[:user_id]) unless session[:user_id] == ""
redirect_to login_path, notice: "You're not logged in" unless #user
end
def show
#user = User.find(params[:user_id]) unless session[:user_id] == ""
redirect_to login_path, notice: "You're not logged in" unless #user
#posts = #user.posts.order("created_at DESC").limit(3)
#comment = Comment.new
#post = Post.new
end
def new
#user = User.new
#post = Post.new(params[:post_id])
end
def edit
#user = User.find(params[:user_id]) if params[:user_id]
redirect_to #dashboard_path unless #user
end
def create
#user = User.new(user_params)
respond_to do |format|
if #user.save
format.html { redirect_to dashboard_path, notice: 'User was successfully created!' }
format.json { render :profile, status: :created, location: #user }
else
format.html { render :new }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
def update
respond_to do |format|
if #user.update(user_params)
format.html { redirect_to dashboard_path, notice: 'User was successfully updated.' }
format.json { render :profile, status: :ok, location: #user }
else
format.html { render :edit }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
def destroy
#user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
def set_user
#user = User.find(params[:id])
end
def correct_user
#user = User.find(params[:id]) unless session[:user_id] == ""
end
def signed_in_after_register
session[:user_id] = #user.id
end
def user_params
params.require(:user).permit(:first_name, :last_name, :bio, :password, :password_confirmation, :email, :age, :profile_picture, :post, :body)
end
end
Not to sure what other code you may need to see with this being a controller issue, If you do need any other code of mine just comment and ill edit my question right away! Thank you in advance!
You can prevent users from editing each other's profiles by implementing a current_user helper method and checking it from within your edit and update method.
Add the following method to app/controllers/application_controller.rb
def current_user
#current_user ||= User.find(session[:user_id]) if session[:user_id]
end
This helper will return a User object representing the current user in any view or controller.
Now in your app/controllers/users_controller.rb, replace your update method with the following:
def update
if #user == current_user
respond_to do |format|
if #user.update(user_params)
format.html { redirect_to dashboard_path, notice: 'User was successfully updated.' }
format.json { render :profile, status: :ok, location: #user }
else
format.html { render :edit }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
else
redirect_to some_other_path, notice: 'You do not have permission to edit the profile of another user.'
end
end
You'll also have to set up your users_controller#edit method to use similar logic, but I'll leave that exercise to you, since the point is for you to learn something.
In my app I have a commenting system that's largely based off of this railscast. Now in my models I'm changing the to_param to a random string so the id isn't in the url. But then that breaks commenting.
status.rb
class Status < ActiveRecord::Base
attr_accessible :content, :member_id, :document_attributes, :permalink
belongs_to :member
belongs_to :document
has_many :comments, as: :commentable, dependent: :destroy
before_create :make_it_permalink
accepts_nested_attributes_for :document
def to_param
permalink
end
private
def make_it_permalink
# this can create permalink with random 12 digit alphanumeric
self.permalink = SecureRandom.hex(12)
end
end
statuses_controller.rb
class StatusesController < ApplicationController
before_filter :authenticate_member!, only: [:index, :new, :create, :destroy]
before_filter :find_member
rescue_from ActiveRecord::RecordNotFound do
render file: 'public/404', status: 404, formats: [:html]
end
def index
#statuses = Status.order('created_at desc').page(params[:page]).per_page(21)
respond_to do |format|
format.html # index.html.erb
format.js
end
end
def show
#status = Status.find_by_permalink(params[:id])
#commentable = #status
#comments = #commentable.comments.order('created_at desc').page(params[:page]).per_page(15)
#comment = #commentable.comments.new
respond_to do |format|
format.html # show.html.erb
format.json { redirect_to profile_path(current_member) }
end
end
def new
#status = Status.new
#status.build_document
respond_to do |format|
format.html # new.html.erb
format.json { render json: #status }
format.js
end
end
def create
#status = current_member.statuses.new(params[:status])
respond_to do |format|
if #status.save
#activity = current_member.create_activity(#status, 'created')
format.html { redirect_to :back }
format.json
format.js
else
format.html { redirect_to profile_path(current_member), alert: 'Post wasn\'t created. Please try again and ensure image attchments are under 10Mbs.' }
format.json { render json: #status.errors, status: :unprocessable_entity }
format.js
end
end
end
def destroy
#status = current_member.statuses.find(params[:id])
#activity = Activity.find_by_targetable_id(params[:id])
#commentable = #status
#comments = #commentable.comments
if #activity
#activity.destroy
end
if #comments
#comments.destroy
end
#status.destroy
respond_to do |format|
format.html { redirect_to profile_path(current_member) }
format.json { head :no_content }
end
end
private
def find_member
#member = Member.find_by_user_name(params[:user_name])
end
def find_status
#status = current_member.statuses.find_by_permalink(params[:id])
end
end
comments_controller.rb
class CommentsController < ApplicationController
before_filter :authenticate_member!
before_filter :load_commentable
before_filter :find_member
def index
redirect_to root_path
end
def new
#comment = #commentable.comments.new
end
def create
#comment = #commentable.comments.new(params[:comment])
#comments = #commentable.comments.order('created_at desc').page(params[:page]).per_page(15)
#comment.member = current_member
respond_to do |format|
if #comment.save
format.html { redirect_to :back }
format.json
format.js
else
format.html { redirect_to :back }
format.json
format.js
end
end
end
def destroy
#comment = Comment.find(params[:id])
respond_to do |format|
if #comment.member == current_member || #commentable.member == current_member
#comment.destroy
format.html { redirect_to :back }
format.json
format.js
else
format.html { redirect_to :back, alert: 'You can\'t delete this comment.' }
format.json
format.js
end
end
end
private
# def load_commentable
# resource, id = request.path.split('/')[1,2] # photos/1/
# #commentable = resource.singularize.classify.constantize.find(id) # Photo.find(1)
# end
# alternative option:
def load_commentable
klass = [Status, Medium, Project, Event, Listing].detect { |c| params["#{c.name.underscore}_id"] }
#commentable = klass.find(params["#{klass.name.underscore}_id"])
end
#def load_commentable
# #commentable = params[:commentable_type].camelize.constantize.find(params[:commentable_id])
#end
def find_member
#member = Member.find_by_user_name(params[:user_name])
end
end
The problem lies in the load_commentable method in the comments_controller. I've tried a couple different variations of the method but the second one works best for my app and it was working when the url's had their id's in them. But since I overwrote the to_param to use my random permalink commenting stopped working because it's trying to find theid where it equals the permalink. Since it seems to try to find the id through the url, how do I pass the the actual id and not the permalink or how do I find commentable by it's permalink instead of id?
It's hard to tell if your param will always be the value of id or always be the permalink, or will sometimes be an id and sometimes a permalink.
If it will always be a permalink, then do:
#commentable = klass.find_by_permalink(params["#{klass.name.underscore}_id"])
instead of
#commentable = klass.find(params["#{klass.name.underscore}_id"])
If it is sometimes id and sometimes other, then you will need make logic to determine which is needed based on the class.
I installed Authlogic gem, set up controllers and models. When I make a registration of new account with Authlogic, everything is successfully created in the DB table (like crypted_password, password_salt etc).
The components: UserSessionsController:
# encoding: utf-8
class UserSessionsController < ApplicationController
def new
#user_session = UserSession.new
end
def create
#user_session = UserSession.new(params[:user_session])
respond_to do |format|
if #user_session.save
format.html { redirect_to(root_url, :flash => { success: 'Successfully logged in.'}) }
format.xml { render :xml => #user_session, :status => :created, :location => #user_session }
else
format.html { #render :action => :new
redirect_to :back
flash[:warning] = 'Wrong credentials.'
}
format.xml { render :xml => #user_session.errors, :status => :unprocessable_entity }
end
end
end
def signin
#user_session = UserSession.new
end
def destroy
#user_session = UserSession.find
#user_session.destroy
respond_to do |format|
format.html { redirect_to(root_url, :notice => 'Logged out.') }
format.xml { head :ok }
end
end
end
UsersController
class UsersController < ApplicationController
filter_access_to :all
def index
#users = User.all
respond_to do |format|
format.html # index.html.erb
format.json { render json: #users }
end
end
def show
#user = User.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.json { render json: #user }
end
end
def signup
#user = User.new
#categories = Category.order('name')
end
def new
#user = User.new
#categories = Category.order('name')
respond_to do |format|
format.html # new.html.erb
format.json { render json: #user }
end
end
def edit
#user = User.find(params[:id])
#categories = Category.order('name')
redirect_to root_url unless current_user.id == #user.id
end
def create
params[:user][:id_code] = User.random_numbers
params[:user][:url_name] = params[:user][:name].parameterize
#user = User.new(params[:user])
respond_to do |format|
if #user.save
Assignment.create(:user_id => #user.id, :role_id => MEMBER)
format.html { redirect_to root_url, notice: 'User was successfully created.' }
format.json { render json: #user, status: :created, location: #user }
else
format.html { render action: "new" }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
def update
#user = User.find(params[:id])
respond_to do |format|
if #user.update_attributes(params[:user])
format.html { redirect_to #user, notice: 'User was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: "edit" }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
def destroy
#user = User.find(params[:id])
#user.destroy
respond_to do |format|
format.html { redirect_to users_url }
format.json { head :no_content }
end
end
end
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :mailer_set_url_options
before_filter :set_current_user
helper_method :current_user_session, :current_user
def mailer_set_url_options
ActionMailer::Base.default_url_options[:host] = request.host_with_port
end
protected
def set_current_user
Authorization.current_user = current_user
end
private
def current_user_session
logger.debug "ApplicationController::current_user_session"
return #current_user_session if defined?(#current_user_session)
#current_user_session = UserSession.find
end
def current_user
logger.debug "ApplicationController::current_user"
return #current_user if defined?(#current_user)
#current_user = current_user_session && current_user_session.user
end
def authentication
logger.debug "ApplicationController::authentication"
unless current_user
#store_location
flash[:warning] = "You must be logged out to access this page"
redirect_to root_url
return false
end
end
end
user_session.rb
class UserSession < Authlogic::Session::Base
# attr_accessible :data, :sessions_id
generalize_credentials_error_messages "Login info is invalid!"
def to_key
new_record? ? nil : [ self.send(self.class.primary_key) ]
end
self.logout_on_timeout = true
def persisted?
false
end
end
user.rb
class User < ActiveRecord::Base
attr_accessible #list of all columns
acts_as_authentic do |c|
c.login_field = 'email'
c.logged_in_timeout(15.minutes)
end
has_many :assignments
has_many :roles, :through => :assignments
#validates...
# declarative_authentications
def role_symbols
roles.map do |role|
role.name.underscore.to_sym
end
end
end
I am trying to solve this issue already second day, but I still cannot find the problem... In the DB table are all data needed for Authlogic created, but when I try to log in, I always get the error message Wrong credentials..
Could anyone help me, please, with this problem? I already have no idea, how to fix it :/
Ok, problem seems to be solved - I used for my purposes the column name active, which using also Authlogic.
Renamed to activity and everything is working well.