I want to be able to write a comment as a guest or as a registered user with devise.
My comment model contains :title, :content, :user_id, :guest_email, :guest_website and :write_as_guest as a boolean.
I wanted to validate the presence of :guest_email only when no user is signed_in. But I think I'm not going in the good direction.
I'm managing the form with AJAX/jQuery and I wanted to have a guest form where :content and :guest_email are necessary fields. In another hand, I want to have the user form where only the :content is necessary.
Here is how I tried to go for it.
class Comment < ActiveRecord::Base
before_validation :set_write_as_guest
belongs_to :user
validates_presence_of :content
validates_presence_of :guest_email, :if => :write_as_guest?
private
def write_as_guest?
self.write_as_guest
end
def set_write_as_guest
if user_signed_in?
self.write_as_guest = false
else
self.write_as_guest = true
end
end
end
It seems that user_signed_in? method needs before_filter :authenticate_user! then I have the following in my comments_controller
before_filter :authenticate_user!, :only => :create
But however I don't want to authenticate to create because that's a guest...
So if somebody would be able to propose me a way to write as a guest or as a user, that would be really appreciated.
Thx
You can do a custom validation like this
class Comment < ActiveRecord::Base
validate :guest_commentator
def guest_commentator
user = User.find(user_id)
self.errors.add(:user_id => "some error message here ") unless user.nil?
end
end
Related
First this is all of my code
#models/user.rb
class User < ApplicationRecord
has_many :trips
has_many :homes, through: :trips
has_secure_password
accepts_nested_attributes_for :trips
accepts_nested_attributes_for :homes
validates :name, presence: true
validates :email, presence: true
validates :email, uniqueness: true
validates :password, presence: true
validates :password, confirmation: { case_sensitive: true }
end
#home.rb
class Home < ApplicationRecord
has_many :trips
has_many :users, through: :trips
validates :address, presence: true
end
class HomesController < ApplicationController
def show
#home = Home.find(params[:id])
end
def new
if params[:user_id]
#user = User.find_by(id: params[:user_id])
#home = #user.homes.build
end
end
def create
#user = User.find_by(id: params[:user_id])
binding.pry
#home = Home.new
end
private
def home_params
params.require(:home).permit(:address, :user_id)
end
end
I am trying to do something like this so that the home created is associated with the user that is creating it.
def create
#user = User.find_by(id: params[:user_id])
#home = Home.new(home_params)
if #home.save
#user.homes << #home
else
render :new
end
end
The problem is that the :user_id is not being passed into the params. So the #user comes out as nil. I can't find the reason why. Does this example make sense? Am I trying to set the associations correctly? Help or any insight would really be appreciated. Thanks in advance.
The way you would typically create resources as the current user is with an authentication such as Devise - not by nesting the resource. Instead you get the current user in the controller through the authentication system and build the resource off it:
resources :homes
class HomesController < ApplicationController
...
# GET /homes/new
def new
#home = current_user.homes.new
end
# POST /homes
def create
#home = current_user.homes.new(home_parameters)
if #home.save
redirect_to #home
else
render :new
end
end
...
end
This sets the user_id on the model (the Trip join model in this case) from the session or something like an access token when dealing with API's.
The reason you don't want to nest the resource when you're creating them as a specific user is that its trivial to pass another users id to create resources as another user. A session cookie is encrypted and thus much harder to tamper with and the same goes for authentication tokens.
by using if params[:user_id] and User.find_by(id: params[:user_id]) you are really just giving yourself potential nil errors and shooting yourself in the foot. If an action requires a user to be logged use a before_action callback to ensure they are authenticated and raise an error and bail (redirect the user to the sign in). Thats how authentication gems like Devise, Knock and Sorcery handle it.
How can I validate presence of at least one role for a User using rolify gem? I tried validating presence of roles in User.rb as per below, but it does not work.
Bonus: Is it possible not to permit admin user take off his own Admin role?
User.rb:
class User < ApplicationRecord
rolify
validates :roles, presence: true
end
Edit Form:
= form_for #user do |f|
- Role.all.each do |role|
= check_box_tag "user[role_ids][]", role.id, #user.role_ids.include?(role.id)
= role.name
= f.submit
Controller:
class UsersController < ApplicationController
before_action :set_user, only: [:edit, :update, :destroy]
def edit
authorize #user
end
def update
authorize #user
if #user.update(user_params)
redirect_to users_path
else
render :edit
end
end
private
def set_user
#user = User.find(params[:id])
end
def user_params
params.require(:user).permit({role_ids: []})
end
end
When the user has 1+ roles it works ok, but if I take away all the roles it gives an error:
You can create a custom validation to requires that the user has at least one role:
class User < ActiveRecord::Base
rolify
validate :must_have_a_role
private
def must_have_a_role
errors.add(:roles, "must have at least one") unless roles.any?
end
end
The presence validation is really only intended for attributes and not m2m associations.
Is it possible not to permit admin user take off his own Admin role?
Its possible but will be quite complex since Rolify uses a has_and_belongs_to_many assocation and not has_many through: which would let you use association callbacks.
I have User model, and need to validate phone number attribute based on the controller param.
class User < ActiveRecord::Base
validates_presence_of :phone_number
end
This validation should validate phone_number in the Create action.
Let's say the param I should check is
params[:phone_number]
you can use before_save validation, in User model you can write
before_save :validate_phone_number
private
def validate_phome_number
self.phone_number = /some regex/
end
In self.phone_number you will get controller params by default
validate :custom_validation, :on => :create
private
def custom_validation
//whatever you want to check
end
I have tried many ways to complete this task,
I used Inheritance - Created a sub class from the User class
Call a method in the model from the controller to set the attribute and bind that attribute with the validation
Use the context option
I guess the context option is the most reliable solution for this issue i faced. So here when i set the context as :interface the model validation will trigger only based on that value
Model - User.rb
class User < ActiveRecord::Base
validates_presence_of :phone_number, on: :interface
end
Controller - users_controller.rb
#user = User.new(user_params)
#save_result = false
if params[:invitation_token] == nil
save_result = #user.save(context: :interface)
else
save_result = #user.save
end
If you use multiple options in ON:
validates :terms_and_conditions, acceptance: {accept: true}, on: [:create, :interface], unless: :child
validates :privacy_policy, acceptance: {accept: true}, on: [:create, :interface], unless: :child
class User < ApplicationRecord
has_one :address
accepts_nested_attributes_for :address
end
class Address < ApplicationRecord
belongs_to :user
end
<%= form_for #user do |f| %>
.... // some filed here everything fine
<%= f.fields_for :address do |a| %>
<%= a.text_field :city %> // this field is not appear
<% end %>
<% end %>
class UsersController < ApplicationController
def new
#user = User.new
end
def create
#user = User.new(user_params)
if #user.valid?
#user.save
else
redirect_to root_path
end
end
private
def user_params
params.require(:user).permit(:id, :name, :email, :password, :password_confirmation, :status, :image, :address_attributes => [:id, :city, :street, :home_number, :post_code, :country])
end
end
So like you can see above I have two classes and one form, when I am trying display fields for Address class I can not do it in that way. I took this example from https://apidock.com/rails/ActionView/Helpers/FormHelper/fields_for
I was trying different combination like for example using User.new and Address.new in form definition it not working as well, I was able display all fields in that situation but I wasn't able to save Address data to table, because of "unpermited address".
Can someone explain what I am doing wrong? Or at least give me please some hints.
[SOLVED]
I should learn how to read documentations properly. Excalty like #Srack said I needed just use build_address method. I checked documentation rails api again and on the end of page there was examples says to create User class like this:
class User < ApplicationRecord
has_one :address
accepts_nested_attributes_for :address
def address
super || build_address
end
end
and that solved my issue.
Thank you.
You'll have to make sure there's an address instantiated for the user in the new view. You could do something like:
def new
#user = User.new
#user.build_address
end
You should then see the address fields on the form.
The nested_fields_for show the fields for a record that's been initialised and belong to the parent. I think the latter is why your previous attempts haven't worked.
FYI build_address is an method generated by the belongs_to association: http://guides.rubyonrails.org/association_basics.html#methods-added-by-belongs-to
In my project I have two models: Responder (which is basically a message) & Conversation. Responder is a child of Conversation. What I want is that if a user creates a new responder, it automatically creates a conversation for this Responder. The Conversation only has an id.
if the admin then replies on this Responder, the conversation_id for this responder will be the same as the user's responder.
So what I want:
User/admin creates responder (child), also create the conversation (parent)
Admin/user uses reply button, conversation.id of responder replied on is passed on to the new responder.
I've looked around a bit, and found some similar questions. But they aren't quite what I want, and I can't figure out how to build around it so it works for me. I feel it's a very simple thing to do, but I really have no idea how and where to start.
Conversation.rb:
class Conversation < ActiveRecord::Base
has_many :responders
end
Responder.rb:
class Responder < ActiveRecord::Base
validates :title, :text, presence: true
has_many :receivers
belongs_to :company
belongs_to :user
belongs_to :conversation
end
and my responders controller might it help:
class RespondersController < ApplicationController
before_action :all_responders, only: [:index, :create]
before_action :check_user
respond_to :html, :js
def show
#responder = Responder.find(params[:id])
end
def new
##conversation = Conversation.new
##conversation.save #Works, but puts data in database before submitting the form
#responder = Responder.new
end
def create
#responder = Responder.new(responder_params)
if #responder.save
redirect_to root_path
else
render partial: "form", errors: responder.errors.full_messages
end
end
private
def check_user
if !signed_in?
redirect_to new_session_path
end
end
def all_responders
if current_user
#companies = Company.all
if current_user.administrator?
#responders = Responder.where.not(:user_id => current_user.id)
else
#responders = Responder.where(:receiver => current_user.id)
end
end
end
def responder_params
params.require(:responder).permit(:title, :text, :receiver, :sender_id, :company_id, :user_id, :conversation_id)
end
end
The mail system is unique where there is a administrator that sends mails as multiple companies (from a drop down list) and users can only send mails to the company. I also don't want to use gems for this.
Thanks in advance!
Please try with before_create callback to create conversation in Responder class.