I have this route that lets me build custom URLs for users like
/thisismyname, and it works fine. But when I look at the log there is
something I don't like...
When I hit /gregory this is what is happening:
1. Going to public_profile#public # Good
2. Hitting /assets and trying to find a user with asset token # Not good
I thought my constraints would avoid this but it doesn't seem like it...
    class PublicProfileConstraint
      def self.matches?(request)
        !['assets', 'admin'].include?(request.session[:token])
      end
    end

    get "/:token" => "profiles#public", :as => :public_profile,
      :constraints => PublicProfileConstraint
Here is the log:
Started GET "/gregory" for 127.0.0.1 at 2012-03-05 12:44:43 -0800
Processing by ProfilesController#public as HTML
Parameters: {"token"=>"gregory"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE
"users"."id" = ? LIMIT 1 [["id", 1]]
User Load (0.3ms) SELECT "users".* FROM "users" WHERE
"users"."token" = 'gregorymarcilhacy' LIMIT 1
Rendered profiles/_modal.haml (0.1ms)
....
Rendered profiles/show.haml within layouts/application (154.7ms)
Completed 200 OK in 431ms (Views: 174.0ms | ActiveRecord: 5.5ms)
... Rendering js files ...
# I DONT WANT THIS
Started GET "/assets/" for 127.0.0.1 at 2012-03-05 12:44:45 -0800
Served asset - 404 Not Found (10ms)
Processing by ProfilesController#public as */*
Parameters: {"token"=>"assets"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE
"users"."id" = ? LIMIT 1 [["id", 1]]
User Load (0.3ms) SELECT "users".* FROM "users" WHERE
"users"."token" = 'assets' LIMIT 1
Redirected to http://localhost:3000/
Completed 302 Found in 312ms
... Rendering images ...
# AND I DONT WANT THIS
Started GET "/" for 127.0.0.1 at 2012-03-05 12:44:45 -0800
Processing by LandingController#landing as */*
User Load (0.3ms) SELECT "users".* FROM "users" WHERE
"users"."id" = ? LIMIT 1 [["id", 1]]
Rendered landing/landing.haml within layouts/landing (0.8ms)
Completed 200 OK in 288ms (Views: 23.5ms | ActiveRecord: 2.2ms)
You are searching request.session for the token, but this will always fail as that's the session store rather than the request parameters. You probably want the equivalent of params[:token] in the constraint class. The request object documentation indicates that request.path_parameters[:token] might contain the value you are looking for.
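An added example (not from the original posts) contrasting the session-based constraint from the question with one that follows the answer and reads the :token path segment. FakeRequest, SessionConstraint, route_matches and token_available? are hypothetical names; the case-insensitive match and the reuse of the reserved list when a user picks a token go beyond what the thread covers.

```ruby
# Added example: stand-alone Ruby, no Rails required.
# FakeRequest is a constructed stand-in for the request object a routing
# constraint receives; only the two readers used here are modelled.
FakeRequest = Struct.new(:path_parameters, :session)

# The constraint from the question: it looks in the session, where no
# :token key exists, so include? sees nil and the constraint always matches.
class SessionConstraint
  def self.matches?(request)
    !['assets', 'admin'].include?(request.session[:token])
  end
end

# Constraint following the answer: test the :token path segment instead.
class PublicProfileConstraint
  RESERVED = %w[assets admin].freeze

  # Assumption: reserved names are compared case-insensitively.
  def self.reserved?(token)
    RESERVED.include?(token.to_s.downcase)
  end

  def self.matches?(request)
    !reserved?(request.path_parameters[:token])
  end
end

# The same list should gate token assignment, so that no account can own
# a token such as "admin" that the router will never serve as a profile.
def token_available?(token, taken_tokens)
  !PublicProfileConstraint.reserved?(token) &&
    !taken_tokens.map(&:downcase).include?(token.to_s.downcase)
end

# Helper: would this constraint let "/<token>" reach profiles#public?
def route_matches(constraint, token)
  constraint.matches?(FakeRequest.new({ token: token }, {}))
end
```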
Related
Created a new Ruby app.
In my controller I'm trying to sign in a user like so:
    email = params[:email]
    password = params[:password]
    user = User.authenticate(email, password)
    if user
      sign_in(user)
      redirect_to root_path
    else
      render json: {success: false}
    end
The user is going into sign_in
console is printing:
Processing by AccountController#sign_in_user as */*
Parameters: {"password"=>"[FILTERED]", "email"=>"email#live.com", "subdomain"=>"app"}
User Load (1.9ms) SELECT "users".* FROM "users" WHERE "users"."email" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["email", "email#live.com"], ["LIMIT", 1]]
↳ app/models/user.rb:9
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 2], ["LIMIT", 1]]
↳ app/controllers/account_controller.rb:11
Redirected to http://app.lvh.me:3000/
Completed 200 OK in 131ms (ActiveRecord: 2.4ms)
It then redirects to my root path for authenticated users and gives me a 401
Started GET "/" for 127.0.0.1 at 2018-04-30 21:53:39 -0400
Processing by DashboardController#index as HTML
Parameters: {"subdomain"=>"app"}
Completed 401 Unauthorized in 1ms (ActiveRecord: 0.0ms)
In the DB the user's current_sign_in, last_sign_in, etc. are being updated.
I've done this numerous times, I'm not sure why it's not working, any ideas?
Well, after an hour of going crazy:
I had a random line in my routes
    devise_for :users
with no end, doing nothing, and it was causing this issue.
After removing that everything is fine.
I am creating a blog and I want to show a profile containing all posts of a particular user by clicking the "uploader" link in index.html.erb (line no. 9). I used a controller named Pages and defined profile in it and linked it to "uploader" and passed the user of that post.
code screenshot
I am getting error "Couldn't find User with 'id'="
error screenshot
terminal is showing User id as nil
Started GET "/" for 127.0.0.1 at 2017-03-27 02:08:49 +0530
Processing by PostsController#index as HTML
Post Load (0.5ms) SELECT "posts".* FROM "posts" ORDER BY created_at DESC
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 4]]
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 3]]
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 2]]
Rendered posts/index.html.erb within layouts/application (10.8ms)
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? ORDER BY "users"."id" ASC LIMIT 1 [["id", 3]]
Completed 200 OK in 84ms (Views: 81.4ms | ActiveRecord: 1.1ms)
Started GET "/pages/profile.3" for 127.0.0.1 at 2017-03-27 01:49:02 +0530
Processing by PagesController#profile as
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", nil]]
Completed 404 Not Found in 1ms (ActiveRecord: 0.1ms)
ActiveRecord::RecordNotFound (Couldn't find User with 'id'=):
app/controllers/pages_controller.rb:3:in `profile'
What am I doing wrong?
Any better method to do this?
Your problem is the route. This:
    GET "/pages/profile.3"
should really be this:
    GET "/pages/profile/3"
and that's caused by your route missing the required parameter. Change it to
    # routes.rb
    # :id is the path segment the action reads as params[:id]
    get 'pages/profile/:id', to: 'pages#profile'
and it should work.
How can I manage and edit other users' profiles as an admin since I have one model and controller (users)?
I tried to add a new action called updateusers
    def updateusers
      @other_user = User.find(params[:id])
      if @other_user.update_attributes(otherusers_params)
        redirect_to '/'
      else
        redirect_to '/manage'
      end
    end
The problem here: it is updating my admin user with the other_user's data
stack trace
Started GET "/manage" for ::1 at 2016-03-19 21:06:08 +0300
Processing by UsersController#manage as HTML
User Load (1.0ms) SELECT "users".* FROM "users"
Rendered users/manage.html.erb within layouts/application (5.0ms)
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Completed 200 OK in 53ms (Views: 51.0ms | ActiveRecord: 1.0ms)
Started GET "/users/10" for ::1 at 2016-03-19 21:06:10 +0300
Processing by UsersController#show as HTML
Parameters: {"id"=>"10"}
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 10]]
Rendered users/show.html.erb within layouts/application (0.0ms)
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Completed 200 OK in 37ms (Views: 36.0ms | ActiveRecord: 0.0ms)
Started GET "/editusers/10" for ::1 at 2016-03-19 21:06:11 +0300
Processing by UsersController#editusers as HTML
Parameters: {"id"=>"10"}
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 10]]
Rendered users/editusers.html.erb within layouts/application (4.0ms)
User Load (1.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Completed 200 OK in 41ms (Views: 39.0ms | ActiveRecord: 1.0ms)
Started PATCH "/users/10" for ::1 at 2016-03-19 21:06:15 +0300
Processing by UsersController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"6M1TGLQUEhiezCCg9/rT5IofdroMiQ0sm+bYcihgGDxTjDdFGU2Riou2pcRk5ncjCtFDGwfBj17Uq7gc0u329w==", "user"=>{"first_name"=>"g", "last_name"=>"g", "email"=>"g#g.g", "role"=>"editor", "image"=>"pic.png", "admins"=>""}, "other"=>"update", "id"=>"10"}
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Unpermitted parameters: role, admins
(0.0ms) begin transaction
SQL (1.0ms) UPDATE "users" SET "first_name" = ?, "last_name" = ?, "email" = ?, "updated_at" = ? WHERE "users"."id" = ? [["first_name", "g"], ["last_name", "g"], ["email", "g#g.g"], ["updated_at", "2016-03-19 18:06:15.488284"], ["id", 1]]
(47.0ms) commit transaction
Redirected to localhost:8080/profile
Completed 302 Found in 54ms (ActiveRecord: 48.0ms)
If it's updating the wrong user, it means that params[:id] is the id of the user being updated. Are you passing the id of the user you want to update in the params? Try calling puts params.inspect at the top of the controller action to see what data is being passed. You need to look up @other_user with their id and you need to make sure that @other_user's id is being passed with the other form data.
After 10 days, yes, I did it. The solution is in the name of the submit: I named the two submits with different names
    <%= f.submit "update", name:"other" %>
then I used the update action like this:
    def update
      if params[:current]
        @user = current_user
        if @user.update_attributes(user_params)
          redirect_to '/profile'
        else
          redirect_to '/edit'
        end
      elsif params[:other]
        @other_user = User.find(params[:id])
        if @other_user.update_attributes(otherusers_params)
          redirect_to '/'
        else
          redirect_to '/manage'
        end
      end
    end
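The update action above chooses its branch from the submit button's name, which is request data any client can send alongside any :id. As an added example (not part of the original posts), here is one way to make that decision from the signed-in user's role instead; the User struct, the role names, the field lists and the function names are assumptions made for illustration.

```ruby
# Added example: plain Ruby model of the decision inside the update action.
# User, the roles, the field lists and the sample records are constructed.
User = Struct.new(:id, :role, :first_name, :last_name, :email)
class Forbidden < StandardError; end

SELF_FIELDS  = %w[first_name last_name email].freeze
ADMIN_FIELDS = (SELF_FIELDS + %w[role]).freeze # assumption: admins may set role

# Decide whose record is written and which fields may change from who the
# actor is and the :id in the path, never from the submit button's name.
def resolve_update(actor, params, users)
  target = users.fetch(params.fetch('id').to_i) { raise Forbidden, 'no such user' }
  allowed =
    if actor.role == 'admin'
      ADMIN_FIELDS
    elsif actor.id == target.id
      SELF_FIELDS
    else
      raise Forbidden, "user #{actor.id} may not edit user #{target.id}"
    end
  attrs = params.fetch('user', {}).select { |key, _| allowed.include?(key) }
  [target, attrs]
end

# Apply the filtered attributes to the resolved target and return it.
def apply_update(actor, params, users)
  target, attrs = resolve_update(actor, params, users)
  attrs.each { |key, value| target[key] = value }
  target
end

# Constructed sample data: one admin (id 1) and two editors (ids 10 and 11).
def sample_users
  { 1  => User.new(1, 'admin', 'Root', 'Admin', 'root@example.test'),
    10 => User.new(10, 'editor', 'Old', 'Name', 'old@example.test'),
    11 => User.new(11, 'editor', 'Other', 'Person', 'other@example.test') }
end
```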
The user ID of the form in "editusers" is set to your admin (or logged in user). It's hard to say without seeing the code but I think you've set up the editusers form incorrectly. Perhaps using a hidden field to hold the ID of the user you want to update.
Try to avoid that and set up the @user object in the 'editusers' action: @user = User.find(10)
Then in your view use a form_for @user do |f| without any hidden fields for the ID.
I'm running into a weird issue with user downloadable files, the file is downloading properly, but other code in the controller action is executing twice. I'm using CarrierWave, which is mounted on a Document model at .file.
I want users to be able to click this link to download the file:
<%= link_to document.file.file.filename, document_path(document) %>
This is what my controller looks like:
    def show
      document = Document.find(params[:id])
      # Track this download
      CourseDownload.create(course: document.course, user: current_user)
      # Download the file
      send_file 'public' + document.file.url.to_s
    end
When I click the link, the file downloads, but 2 CourseDownload records are created. In the logs it looks like the GET request is happening twice:
Started GET "/documents/1" for 127.0.0.1 at 2014-04-17 18:12:47 -0400
Processing by DocumentsController#show as HTML
Parameters: {"id"=>"1"}
Document Load (0.2ms) SELECT "documents".* FROM "documents" WHERE "documents"."id" = ? LIMIT 1 [["id", "1"]]
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'xxx' LIMIT 1
CACHE (0.0ms) SELECT "documents".* FROM "documents" WHERE "documents"."id" = ? LIMIT 1 [["id", "1"]]
public/uploads/document/file/1/bootstrap-3.0.0.zip
Sent file public/uploads/document/file/1/bootstrap-3.0.0.zip (0.1ms)
Completed 200 OK in 7ms (ActiveRecord: 0.4ms)
Started GET "/documents/1" for 127.0.0.1 at 2014-04-17 18:12:47 -0400
Processing by DocumentsController#show as HTML
Parameters: {"id"=>"1"}
Document Load (0.2ms) SELECT "documents".* FROM "documents" WHERE "documents"."id" = ? LIMIT 1 [["id", "1"]]
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'xxx' LIMIT 1
CACHE (0.0ms) SELECT "documents".* FROM "documents" WHERE "documents"."id" = ? LIMIT 1 [["id", "1"]]
public/uploads/document/file/1/bootstrap-3.0.0.zip
Sent file public/uploads/document/file/1/bootstrap-3.0.0.zip (0.1ms)
Completed 200 OK in 5ms (ActiveRecord: 0.3ms)
Any idea what I'm doing wrong?
Thanks!
The issue ended up being caused by a turbolinks gotcha.
Resolved with:
<%= link_to document.file.file.filename, document_path(document), 'data-no-turbolink' => true %>