Testing against the 'current_user' with Devise in Rails 3 - ruby-on-rails

I'm just starting out with Ruby and Rails, trying out Devise with Rails 3. I've got a loop around a list of Posts, each of which has an associated user. I only want to display editing controls for those posts which are associated with the current user.
<% #posts.each do |post| %>
<%= link_to "show" %>
<% if current_user = post.user %>
<%= link_to "edit" %>
<% end %>
<% end %>
(The above is simplified, and from memory, so I'm sure the syntax isn't entirely right - but you get the gist.)
If no user is logged in, the posts show as intended - there's a Show link, but no Edit link. However, if I am logged in at all, all of the Edit links show up, even fir posts created by a different user.
I've verified in the console that User.find(1) != User.find(2), but for some reason the current_user = post.user evaluates to true no matter who is currently logged in. Is this to do with current_user being a helper as opposed to a "real" user object? How can I use current_user to get at the ACTUAL current user to make my comparison?
Thanks,
Dan

You're assigning rather than testing - use == - i.e.
<% if current_user == post.user %>

Related

Rails if statement for current user profile view and other users

Hi I'm having some trouble getting different views to display based on whether or not the user being viewed is the logged in user.
I'm using Rails 3.2 and Devise
I've tried the code below but it always returns the template for the logged in user (where I have edit info links) rather than the one for the other users.
<% if user = current_user %>
<%= render 'users/myprofile' %>
<% else %>
<%= render 'users/viewprofile' %>
<% end %>
Thanks very much
The statement should be..
<% if user == current_user %>
The reason being, = is for assignment, == is for comparison.
Check the sign of comparison. You have used equals to sign.
<% if user == current_user %>
= sign assigns the current user to user variable. Hence the condition will always be true unless there is no current user.

Devise Admin rails

I have followed the Devise Wiki to create a very basic admin setup by adding a admin column to my User table in a boolean format.
I have been into my table (through SQlite administrator) and assigned one of my users to be an admin.
I am then have the following code in my view:
<% if user_signed_in? %>
<% if current_user.admin? %>
<%= link_to "Admin Job Post", new_user_job_path(current_user.id) %>
<% else %>
<%= link_to "Post a new job", new_user_job_path(current_user.id) %>
<% end %>
<% else %>
<%= link_to "Post a new job", new_user_session_path %>
<% end %>
The issue I am having is that my app is only ever returning my <%= link_to "Post a new job", new_user_job_path(current_user.id) %> even when logged in with an admin user.
It would be great to get a solution on this because I have tried several variations and can't get it to work.
Thanks in advance for your help!
I'm not sure of the entirety of your code, but I have a similar setup, but I used the following to show a link once a user is logged in as an Admin (I used 'try' due to the fact that it is outside of a 'user_logged_in' check).
<% if current_user.try(:admin?) %>
<li>AdminLink</li>
<% end %>
Are you sure that you made the user an admin?
To make the user admin you should have run the following commands
User.find(#id_of_user_you_want_to_make_admin)
User.admin = true
User.save!
<% if current_user.present? && current_user.has_role?(:admin) %>
<li><%= link_to 'Some Cool Admin Feature', cool_admin_path %></li>
This is what you're looking for if you're using Rails 4 with Devise 2.x. Note the () around :admin aren't necessary, I included them for clarity here as the '?' after the method seems to throw people that are new to ruby.
Another way to give admin privileges is to simply use <% if current_user.try (:email) == "admin#example.com" %> That always works for me. That way you don't have to worry about the whole system.

if current_user.id = #game.user_id

I have links to the show pages for each game in my project and if the
games user_id matches the id of the currently signed in user then I want
it to display the edit button if they are not then it shouldn't display.
I currently have the following code set but it doesn't work. Every game
has the edit button display. The code is as followed:
<% if current_user.id = #game.user_id %>
<div id="text3"><%= link_to 'Edit', edit_game_path(#game) %></div><br />
<% end %>
Any ideas?
MrDanA's answer is most probably the error, but you may want to make this code better. Checking like that is not the Rails way of doing it. Instead, make a User instance method like :
def has_game?(game)
self.games.exists?(:id => game.id)
end
and then in your view :
<% if current_user.has_game?(#game) %> ...
(can even be better by further delegating exists into the game model, as a scope or so, if you like)
You want ==
So:
<% if current_user.id == #game.user_id %>

Eliminating current_user activity from records being returned through a complex association

I have built a Ruby on Rails application (Rails 2.3.9) that allows users to track workouts. After a workout is created other users can comment on that workout. I am now working on the Dashboard index view to display recent activity.
In this particular section I am trying to display comments from all on workouts that current_user has commented on. I am successfully pulling those comments, ordering them, and limiting the output through the below code.
I am now trying to exclude comments from current user. Here is the code:
/views/dashboard/index.html.erb
<% unless current_user.comment_stream.blank? %>
<h3>Recent Comments from WODs you commented on</h3>
<% current_user.comment_stream[0,10].each do |comment| %>
<p>
Comment from <%= link_to (comment.user.username), comment.user %>
<%= time_ago_in_words(comment.created_at) %> ago on Workout:
<%= link_to (comment.workout.title), comment.workout %>
</p>
<% end %>
<% end %>
User.rb
def workouts_on_which_i_commented
comments.map{|x|x.workout}.uniq
end
def comment_stream
workouts_on_which_i_commented.map do |w|
w.comments
end.flatten.sort{|x,y| y.created_at <=> x.created_at}
end
Example of Problem:
Here is an example of what happens with this code:
User A creates a workout and User B comments on it. Then User C and User D also comment on User A's workout. In User B's dashboard view, I want him to see comments from User C and User D in the activity stream...but I don't want him to see his own comments.
I could simply use a <% unless comment.user_id == current_user.id %> but that messes up the number of records being displayed as those are fished prior to the exclusion line.
In comment_stream, you can add filter out the comments you posted
def comment_stream
workouts_on_which_i_commented.map do |w|
w.comments
end.flatten.reject{|c| c.user_id == current_user.id}.sort{|x,y| y.created_at <=> x.created_at}
end

Rails3: How to insert a value to a column without user interaction?

I have post and user model and I have Many(posts) to One(User) association.
I want to display only the posts which are created by that user(current user).
So somehow I have to inject the currently logged in user's id into the "user_id" foreign key
of the post model during creation. I'm using Devise as my authentication system.
Any solutions of how to achieve this ?
I'm using Rails version 3.0.
Thanks in advance.
With devise simply use the "current_user" helper ;)
<% if user_signed_in? %>
<% current_user.posts.each do |post| %>
<%= post.title %>
<% end %>
<% end %>
In your PostsController#create method, you can set the Post's user to the current_user (since you are using Devise).
def create
#post = Post.create(params[:post]) do |p|
p.user = current_user
end
#respond_with(#post) or Rails 2 equivalent
end

Resources