Mini John
Reputation: 7941
Current_user in Controller for Rails 4
I have a Listings Controller where Users can Create their Listings.
To prevent users to edit other users listings i just had to update every action from
Listing to current_user.listings
but with Rails 4 the controller got changed and i can't find how to set this up.
My Controller File->
class ListingsController < ApplicationController
before_action :set_listing, only: [:show, :edit, :update, :destroy]
before_filter :authenticate_user!, :only => [:index]
# GET /listings
# GET /listings.json
def index
@listings = Listing.all
end
# GET /listings/1
# GET /listings/1.json
def show
end
# GET /listings/new
def new
@listing = Listing.new
end
# GET /listings/1/edit
def edit
end
# POST /listings
# POST /listings.json
def create
@listing = Listing.new(listing_params)
respond_to do |format|
if @listing.save
format.html { redirect_to @listing, notice: 'Listing was successfully created.' }
format.json { render action: 'show', status: :created, location: @listing }
else
format.html { render action: 'new' }
format.json { render json: @listing.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /listings/1
# PATCH/PUT /listings/1.json
def update
respond_to do |format|
if @listing.update(listing_params)
format.html { redirect_to @listing, notice: 'Listing was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @listing.errors, status: :unprocessable_entity }
end
end
end
# DELETE /listings/1
# DELETE /listings/1.json
def destroy
@listing.destroy
respond_to do |format|
format.html { redirect_to listings_url }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_listing
@listing = Listing.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def listing_params
params.require(:listing).permit(:title, :description)
end
end
Anyone knows a Solution ?
Upvotes: 0
Views: 2141
Answers (1)
Jesse Wolgamott
Reputation: 40277
change from #new to build. So, change all @listing = Listing.new to:
@listing = current_user.listings.build
Then, in set_listing change to:
@listing = current_user.listings.find(params[:id])
Upvotes: 3
Related Questions
- Access devise current_user variable in rails controller
- Accessing current_user variable in another controller
- Use current_user in application controller
- Current_user method using devise
- Accessing current_user devise method from rails controller
- Rails 4 current_user (gem devise) acess into model
- current_user in Model
- Devise not current_user method?
- How to use "current_user" with devise in Rails?
- Devise 'current_user' not working properly in controller?