I'm new to rails, so I'll just explain my situation to you:
I've got a User Model and a UsersController. Users log in with their email address and a password. Special users can invite other users, by typing the email address of the invitee into a form and hitting submit. The invited user then receives a mail containing a link to activate his account, by entering his password for the first time.
Here's the problem:
The "invitation" form is mapped to the create action of my UsersController atm. But what do I map the "activation" form to?
Is it possible for me to define a custom action "activate" or something that can be accessed like /users/3/activate (of course, there should be some authentication token here too...) and would activate the user with id 3?
I've found some stuff on custom actions, but I don't quite get the hang of it yet.
Thx for any help
You probably have something like this in your routes file. (If not, please post that.)
resources :users
If you want to add a custom action that acts on a single User, you can add that as a :member like this.
resources :users do
member do
get :activate
end
end
Note that using a get for something that modifies data is a bit wrong, but you're talking about hitting this from a link in an email.
As you play with routes don't forget that rake routes will show you all of the routes that you currently have available to you.
Related
I have a Rails 4 application using Devise for authentication.
In addition to the standard Devise login page, I want to have partner login pages that basically look and function the same way, but have a unique URL, like:
http://example.com/partner1
What is the best way to do this? I'm not sure how the routes file should look. And is using FriendlyID a good idea as well?
I have a PartnerPage model in the database which contains a "link" field, which is where the admin will enter the link/partner code.
Creating a custom route to the signup form is pretty straight forward:
get '/partner1', to: 'devise/sessions#new'
However if you want to have a customized login screen a good solution is to subclass Devise::SessionsController.
# app/controllers/partner1/sessions_controller.rb
class Partner1::SessionsController < Devise::SessionsController; end
and in your routes:
get '/partner1', to: 'partner1/sessions#new'
This will render app/veiws/partner1/sessions/new.html.erb.
I have been following this guide to make a Ruby on Rails web app:
http://guides.rubyonrails.org/getting_started.html
It is supposed to be a quiz where people answer questions.
I have made :questions a resource. However, the guide mentions a page on its website to be able to create and delete its resource articles. Obviously this makes no sense with quiz questions as I just want to create them once and after that no more can be created or deleted. However, there is no mention of this in the guide?
If you don't want to be able to create/update/destroy your questions through controller, you can exclude these restful routes with :except, or specify the routes you need with :only which is more obvious(take a look at the routing guide):
resources :questions, only: [:index, :show]
This will create following routes:
GET /questions questions#index
GET /questions/:id questions#show
To fill your database with questions, use seeds(which are described in AR migrations guide). Put your questions creation related code into db/seeds.rb file and run rake db:seed afterwards.
You should specify in your routes to only :show the questions.
Do something like this in your routes:
resources :questions, only: [:show]
So as much I understand, you want to create resources and data on your own but don't want other users to be able to create or delete a resource, right?
let's start with the basics:
In MVC, the model/resource is the main representation of the entities.
The routes file indicate what routes are available at the first place
for each entity to which HTML requests can be sent. It also matches the route with a respective controller action. The controller
provides a gateway for users to interact with your application, takes
a request from them, take actions needed( issue SQL commands to create, show, delete from the database etc) and give a suitable response at the end.
So, suppose you want users to create a new resource on your server. First, you provide a route on which they can send a request. Then, you give them a create new resource button in your view through which they can interact. That button will use the route, match it with a controller action and send a request to that controller method. Depending on what is inside the controller action, the controller then creates the resource and redirect the user with a 302 with a notification.
Now, suppose you don't want a request to go through. What will you do?
You will firstly not create a route on which a request can be sent. You will also not create a controller action on which request can be received.
That's the use case in your scenario.
Since you don't want users to be able to send a request to the server to create the resource:
Don't provide the routes for them to send any such HTML request
Don't provide any controller which will receive such request
And obviously, don't provide any button in the view to take that action.
Now, the question would be: Then how will I create the resource?
You have three options:
Use a seed file: You can use a seed file where you add all the data you want. This tutorial and many other resources on the web can help you out. http://www.xyzpub.com/en/ruby-on-rails/3.2/seed_rb.html
Use rails console: Give create commands: Question.create(:name => "hello", :description => "How you doing!"). See the link here: https://apidock.com/rails/ActiveRecord/Base/create/class
If you are a beginner, you need to work a little more before trying this: Create authorized users and what actions they can take. You can also create an admin dashboard and provide all actions to admin users using activeadmin gem.
This blog explains the process: http://www.onceaday.today/subjects/1/posts/9 3
Finally, as you do need to show all the questions: create only show route, match it with a controller action, write the method in the controller action which issues a SQL command to get all the resource from the database and give the respective show view the data it can render.
Hope it helps you out!
I have a site where you can enter the name of a business after the domain and if it exists it is displayed. E.g. www.mysite.com/BUSINESS_NAME. I do this through a route:
match ':id' => 'businesses#show', :via => [:get]
It essentially means that a new custom URL is created for each new business that signs up. At the moment each time a new business is created (create form submitted) I am redirected to something like
http://localhost:3000/businesses/42
This is expected as I use:
redirect_to #business
How am I able to redirect to the newly created business and make the URL look like
www.mysite.com/BUSINESS_NAME instead of http://localhost:3000/businesses/42
I thought about making logic in the show action that would work for either URL request but it doesn't look very nice to the end user seeing an ID - I am sure there is something in Rails to mask this sort of information and still pass the ID parameter.
Thanks in advance for any help.
Yes, you can make the url as user friendly.So user can see the simple url that dosen't use the id.
There is a gem in rails that easily solve your problem.
Friendly_id
My application centers around an event and specifically the event's ID. Whenever a user navigates to different sections (controllers) of the site, I need to be able to carry the event's ID with it.
I'm guessing including the event's ID in the URL is the preferred method in case a user opens multiple browser windows.
I don't want to manually append the event's ID to every link. Is there a helper method I could create to do this for me?
Thanks
You need to create a nested resource in your routes file, this will add something like "/event/#eventid" to the beginning of your path. You can then access this from your controllers with params[:event_id]
eg:
routes.rb
resources :events do
# Other controllers routes go here
end
controller_whatever.rb
def index
#whatever = Event.find(params[:event_id]).whatever.all
end
...
Obviously it would be best to use a before filter, but you get the idea.
You should store that in session data:
session[:event_id] = event_id
You will then be able to access that throughout the user's session.
UPDATE:
You may want to have a look at nested resources.
I recommend to use thomasfedb's solution. If it isn't possible for any reason you could do it by overwriting the url_for method like in this question
In a current project I need to support finding a User by login credentials and also by email address. I know that in RESTful design you use a GET to find resources. In Rails...
GET /users # => UsersController.index -- find all the users
GET /users/1 # => UsersController.show -- find a particular user
But I also need something akin to...
GET /users?username=joe&password=mysterio
GET /users?email=foo#bar.com
Is it conventional to add additional routes and actions beyond index and show?
Or is it more common to put conditional logic in the show action to look at the params and detect whether we're finding by one thing or another?
There's a similar issue with PUT requests. In one case I need to set a User to be "active" (user.active = true), and in another case I just need to do a general form-based editing operation.
Thanks guys. Eventually I'm going to figure out this REST stuff.
I'm new to SO, so I can't comment, but the checked green answer is not RESTful.
In a RESTful world, your controller grabs all the parameters and passes it to the model layer for processing. Typically, you shouldn't create another action.
Instead, you should do do something like this:
def show
#user = User.find_by_login_or_email(params[:user])
... #rest of your action
end
Your model can have a method like this:
class User
self.find_by_login_or_email(params)
return find_by_login(params[:login]) unless params[:login].blank?
return find_by_email(params[:email]) unless params[:email].blank?
nil #both were blank
end
end
Your view could look like this:
<%= f.text_field :user, :email %>
or
<%= f.text_field :user, :login %>
Note: untested code, so may be buggy...but the general line of thinking is usually not to create new actions for every one-off rule. Instead, look to see if you can push the logic into the models. If your controllers start to have too many non-standard actions, then it may be time to re-evaluate your domain modeling, and perhaps it's refactor the actions to some new models.
ps: you should never pass in passwords via a GET like that
I don't know how much of this is convention, but this is what I would do. I
would add another action, as long as it's specifically related to that
resource. In your example, show is a find by userid, so it makes sense as
another action on UsersController. You can turn it into a sentence that makes
sense, "get me the user with this email address"
For the other one, GET /users?username=joe&password=mysterio, I would do
that as another resource. I assume you're thinking that action would log in
the user if the password were correct. The verb GET doesn't make sense in that
context.
You probably want a 'session' resource (BTW, this is how restful_auth works).
So you would say "create me a session for this user", or something like POST
/sessions where the body of the post is the username & password for the user.
This also has the good side effect of not saving the password in the history
or letting someone capture it on the HTTP proxy.
So your controller code would look something like this:
class UsersController < ActionController::Base
def show
#user = User.find_by_id(params[:id])
# etc ...
end
def show_by_email
#user = User.find_by_email(params[:email)
end
end
class SessionsController < ActionController::Base
def create
# ... validate user credentials, set a cookie or somehow track that the
# user is logged in to be able to authenticate in other controllers
end
end
You would set up your routes like this:
map.connect "/users/byemail", :controller => "users", :action => "show_by_email", :conditions => { :method => :get }
map.resources :users
map.resources :sessions
That will get you URLs like /users/byemail?email=foo#example.com. There are
issues with encoding the email directly in the URL path, rails sees the '.com'
at the end and by default translates that into the :format. There's probably a
way around it, but this is what I had working.
Also like cletus says, there are ways to make your route match based on the format of the parts of the URL, like all numbers or alphanumeric, but I don't know off hand how to make that work with the dots in the url.
The first thing you can do is make your GETs as smart as possible. In your example, this can be handled programmatically. The argument can be processed this way:
Is a number? It's a userid;
Has a # in it? It's an email;
Otherwise? It's a username.
But I assume that you're not just talking about this example and want something to handle the general case rather than just this specific one.
There are basically two ways of dealing with this:
Add extra path information eg /users/email/me#here.com, /users/name/cletus; or
Be more specific in your "top-level" URL eg /user-by-email/me#here.com, /user-by-name/cletus.
I would handle it programmatically if you can.
Regarding the "ByEmail" request, have you considered creating a new email resource.
GET /email/foo_at_bar_dot_com
The response could contain a link to the related user.
I see so many people trying to apply RESTful design principles to their URL structure and then mapping those urls to procedural handler code. e.g. GET = Show, or is it GET = Index or ShowByEmail. By doing this you are really just pretending to do a RESTful design and then trying to create a mapping between a resource oriented URL space and procedurally oriented implementation. That is really hard to do and the procedural nature keeps leaking out into the URLs.
Resource oriented design often requires a very different way of thinking about problems that we are used to and unfortunately many of the frameworks out there keep sucking us back into the RPC model.
You might be able to set up different routes for different tasks. So for this case you could have one route to a method in UserControll dedecated to getting a user by email, and another for getting the information by credentials.