Virtual attributes on new models in Rails? - ruby-on-rails

This certain part of my application takes cares of creation of Webshop model for store chains (like H&M) that has one. If the chain has a website that also is a webshop it creates one Webshop model.
If the website is not a webshop then it lets it be just at string in the Chain model.
PROBLEM: I'm doing this with a checkbox and virtual attributes. So when sending the a request to the chain controller a checkbox sets the value 'set_webshop'.
# Chain Model
class Chain
has_one :webshop, :dependent => :destroy
def set_webshop
self.webshop.url == self.website unless self.webshop.blank?
end
def set_webshop=(value)
if self.webshop.blank?
value == "1" ? self.create_webshop(:url => self.website) : nil
else
value == "1" ? nil : self.webshop.destroy
end
end
end
# Chain Controller
class ChainsController < ApplicationController
def create
#chain = Chain.new(params[:chain])
respond_to do |format|
if #chain.save
flash[:notice] = 'Chain was successfully created.'
format.html { redirect_to(#chain) }
format.xml { render :xml => #chain, :status => :created, :location => #chain }
else
format.html { render :action => "new" }
format.xml { render :xml => #chain.errors, :status => :unprocessable_entity }
end
end
end
def update
params[:chain][:brand_ids] ||= []
#chain = Chain.find(params[:id])
respond_to do |format|
if #chain.update_attributes(params[:chain])
flash[:notice] = 'Chain was successfully updated.'
format.html { redirect_to(#chain) }
format.js
else
format.html { render :action => "edit" }
end
end
end
end
It all works perfectly when updating a Chain model but when not when creating a new one? I can't figure out why?
Here are the POST and PUT requests.
# POST (Doesn't work - does not create a Webshop)
Processing ChainsController#create (for 127.0.0.1 at 2010-02-06 11:01:52) [POST]
Parameters: {"commit"=>"Create", "chain"=>{"name"=>"H&M", "set_webshop"=>"1", "website"=>"http://www.hm.com", "desc"=>"...", "email"=>"info#hm.com"}, "authenticity_token"=>"[HIDDEN]"}
# PUT (Works - does create a Webshop)
Processing ChainsController#update (for 127.0.0.1 at 2010-02-06 11:09:13) [PUT]
Parameters: { "commit"=>"Update", "chain"=> { "name" => "H&M", "set_webshop"=>"1", "website" => "http://www.hm.com", "desc" => "...", "email" => "info#hm.com"}, "authenticity_token"=>"[HIDDEN]", "id"=>"444-h-m"}
Is there a special way to handle virtual_attributes on new models in Rails?

It probably doesn't work because in this line
self.create_webshop(:url => self.website)
to create a webshop for the new chain you have no id of the chain yet (it hasn't been created at this moment), so there's no possibility to create an association.
Define an after_save callback and create a webshop there. To remember the value of the checkbox in the meantime, you can store in an attr_accessor.

Related

Writing method for form posts a blank field

I am running rails 3.2
I have created a nested form (requests > tags) with coffeescript handling the addition of new tags.
Everything works with the exception of the form posting a blank tag.name
I am trying to write a method to delete the blank field before the form posts. I realize this may be the wrong approach, but I am still a beginner:
requests_controller.rb
def create
#request = current_user.requests.build(params[:request])
#tag = Tag.new
if #tag.name.blank?
destroy_blank
end
respond_to do |format|
if #request.save
format.html { redirect_to(#request,
:notice => 'Request was successfully created.') }
format.json { render :json => #request,
:status => :created, :location => #request }
else
format.html { render :action => "new" }
format.json { render :json => #request.errors,
:status => :unprocessable_entity }
end
end
end
request.rb
def destroy_blank
blank = #tag.name
blank.delete
end
I hope that's clear. If not let me know and I will include more information.
If you can't stop blank tags from coming in, you can create a before_create filter in the model to skip saving blank tags. Leave the controller clean and simple.
Good luck!

Rails: undefined method `total_price' for nil:NilClass

I'm building a concert ticket sales application with Rails 3.0.4, working primarily with the Agile Web Development tutorial (http://pragprog.com/titles/rails3/agile-web-development-with-rails) and trying to incorporate Ryan Bate's order purchase method (http://railscasts.com/episodes/146-paypal-express-checkout). Everything works with the following in orders_controller.rb:
def create
#order = Order.new(params[:order])
#order.add_line_items_from_cart(current_cart)
#order.ip_address = request.remote_ip
respond_to do |format|
if #order.save
Notifier.order_received(#order).deliver
format.html { redirect_to(calendar_url, :notice => 'Thank you for your order.') }
format.xml { render :xml => #order, :status => :created, :location => #order }
Cart.destroy(session[:cart_id])
session[:cart_id] = nil
else
format.html { render :action => "new" }
format.xml { render :xml => #order.errors, :status => :unprocessable_entity }
end
end
But when I add "&& #order.purchase" to the conditional clause, with the order.rb model as follows:
class Order < ActiveRecord::Base
#...
belongs_to :cart
#...
def price_in_cents
(cart.total_price*100).round
end
def purchase
response = GATEWAY.purchase(price_in_cents, credit_card, purchase_options)
cart.update_attribute(:purchased_at, Time.now) if response.success?
response.success?
end
#...
end
I receive an "undefined method `total_price' for nil:NilClass" error. I can get around this by adding
#order = current_cart.build_order(params[:order])
to the orders "create" method, but this messes up the "order_received" notification by somehow preventing the pertinent order information (in this case "#order.line_items") from rendering in the e-mail text.
The "cart" object is being set to nil somewhere along the way, but removing
Cart.destroy(session[:cart_id])
from the order "create" method does not fix the problem.
Anyone got a clue for this noob?
It doesn't look like the Cart object is ever actually specified in the belongs_to relation, you need to either do #order.cart = current_cart, or current_cart.order = Order.new, or something along those lines.

Restricting url manipulation to return other user records

I have just begun Rails 3. I have generated the below code using the scaffold from Rails 3 on a table called "Logs".
The 'index' function below provides only the records associated with the current_user.id (from the session stored in the session table). The users records are only presented with the following route logged in as user = 3 (see index code below)
localhost:3000/logs
Problem: As a user, I can view a record which is not my record (being user=3) by editing the url manually to show any other record:
localhost:3000/logs/5 'this was entered by user.id=2'
Seeking Solution: How do I prevent manually hacking of the url to prevent a user viewing other user records?
class LogsController < ApplicationController
before_filter :login_required
def index
#logs = Log.where(:user_id => current_user)
respond_to do |format|
format.html # index.html.erb
format.xml { render :xml => #logs }
end
Please ignore that the new function is missing from the create function below. The code below is to merely demonstrate how I put the user_id into the "Logs" table
def create
#log = Log.new(params[:log])
#log.user_id = current_user.id
respond_to do |format|
if #log.save
format.html { redirect_to(#log)}
format.xml { render :xml => #log, :status => :created, :location => #log }
else
format.html { render :action => "new" }
format.xml { render :xml => #log.errors, :status => :unprocessable_entity }
end
end
The simplest solution would be to check in the show method if the Log to display really belongs to the logged in user:
def show
#log = Log.find(params[:id])
unless #log.user_id == current_user.id
flash[:error] = "unauthorized"
redirect_to :index
end
end
But you will soon have some more things you want to restrict access to, so you should look for an authentication plugin which allows to define the access rights in a declarative manner. Maybe this one: https://github.com/be9/acl9

Nice way of doing dual column validation

I'm using Rails 3 for this one. I've got a collections model, a user model and an intermediate subscription model. This way a user can subscribe to multiple collections, with a particular role. However, I don't want a user to be able to subscribe to the same collection twice.
So in my Subscription model I've got something like:
validate :subscription_duplicates
def subscription_duplicates
self.errors.add_to_base "This user is already subscribed" if Subscription.where(:user_id => self.user.id, :collection_id => self.collection.id)
end
However this seems ugly. Also, it breaks when I want to do something like the following in my collection controller:
def create
#collection = Collection.new(params[:collection])
#collection.subscriptions.build(:user => current_user, :role => Subscription::ROLES['owner'])
#collection.save
respond_with(#collection)
end
When I do the build the subscription does not have an id so I get a "Called id for nil" error.
Thanks for any guidance!
use validates_uniqueness_of
validates_uniqueness_of :user_id, :scope => :collection_id
First of all, your create action should always test if the object was saved, and if not then handle that (usually by re-rendering the new/edit page and showing the errors to the user).
A standard sort of create action would look like this (for a #post in this case):
def create
#post = Post.new(params[:post])
#created = #post.save
respond_to do |format|
if #created
flash[:notice] = 'Post was successfully created.'
format.html { redirect_to #post }
format.xml { render :xml => #post, :status => :created, :location => #post }
format.js
else
format.html { render :action => :new } #or edit or wherever you got here from
format.xml { render :xml => #post.errors, :status => :unprocessable_entity }
format.js
end
end
end
Shingara's approach to avoiding duplicates should work fine for you.

Ruby on Rails: link updates DB

Simple RoR question...I am learning ROR and am making a simple voting app. The candidates are listed in a table and have upvote/downvote links next to their name. I am trying to make it so all the user does is click the link, the vote count is updated, and they are redirected to the initial page. I am not using scaffolding. For some reason this action is not doing anything close to what I want:
def upvote
#name = Name.find(params[:id])
#name[:votes] += 1
respond_to do |format|
if #name.update_attributes(params[:name])
flash[:notice] = 'Candidate was upvoted'
format.html = { redirect_to :action => "index" }
format.xml = { head :ok }
else
format.html = { render :action => "index" }
format.xml = { render :xml => #name.errors, :status => :unprocessable_entity }
end
end
end
I do have the link in the view calling the correct action, it's trying to call :show, though.
please don't judge me too harshly lol...
The update_attributes method is generally used to set the fields of an ActiveRecord object from a form POST. The fields would be found as the hash params[:name], e.g. params[:name][:votes].
If you are clicking on a link to call the upvote method, then you are just doing a GET request. All you need to do is call #name.save to save the record.
def upvote
#name = Name.find(params[:id])
#name[:votes] += 1
respond_to do |format|
if #name.save
flash[:notice] = 'Candidate was upvoted'
format.html = { redirect_to :action => "index" }
format.xml = { head :ok }
else
format.html = { render :action => "index" }
format.xml = { render :xml => #name.errors, :status => :unprocessable_entity }
end
end
end
EDIT: From the comments, we also determined that the routes were set up improperly and that the link_to code in the view needed to include #name.id.
Typically the RESTful URL that maps to show is:
my_resource/id
So, e.g.,
candidates/1
Just at a guess, I'll bet if you look in config/routes.rb, you'll find something like:
map.resources :candidates
Where my_resource is the name of your controller. If you are going to use this kind of routing, then how does the resource provide upvoting? The custom method seems wise in this case, so:
map.resources :candidates, :collection => { :upvote => :post }
If you run
rake routes | grep candidate
before and after, you can see what's been added. Hope this helps.

Resources