CODEWITHSUNDEEP
ruby-on-rails
yemeni Dream
yemeni Dream

Reputation: 19

manage users by an admin in ruby on rails

how can I manage and edit other users profiles as an admin since I have one model and controller (users) ?

I tried to add a new action called updateusers

def updateusers
    @other_user=User.find(params[:id])
    if @other_user.update_attributes(otherusers_params) 
            redirect_to '/' 
    else
            redirect_to '/manage'
   end
end

the problem here :it is updating my admin user with the other_user's data

stack trace
Started GET "/manage" for ::1 at 2016-03-19 21:06:08 +0300 Processing by UsersController#manage as HTML User Load (1.0ms) SELECT "users".* FROM "users" Rendered users/manage.html.erb within layouts/application (5.0ms) User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]] Completed 200 OK in 53ms (Views: 51.0ms | ActiveRecord: 1.0ms)

'Started GET "/users/10" for ::1 at 2016-03-19 21:06:10 +0300 Processing by UsersController#show as HTML Parameters: {"id"=>"10"} User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 10]] Rendered users/show.html.erb within layouts/application (0.0ms) User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]] Completed 200 OK in 37ms (Views: 36.0ms | ActiveRecord: 0.0ms)

Started GET "/editusers/10" for ::1 at 2016-03-19 21:06:11 +0300 Processing by UsersController#editusers as HTML Parameters: {"id"=>"10"} User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 10]] Rendered users/editusers.html.erb within layouts/application (4.0ms) User Load (1.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]] Completed 200 OK in 41ms (Views: 39.0ms | ActiveRecord: 1.0ms)

Started PATCH "/users/10" for ::1 at 2016-03-19 21:06:15 +0300 Processing by UsersController#update as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"6M1TGLQUEhiezCCg9/rT5IofdroMiQ0sm+bYcihgGDxTjDdFGU2Riou2p‌​cRk5ncjCtFDGwfBj17Uq7gc0u329w==", "user"=>{"first_name"=>"g", "last_name"=>"g", "email"=>"[email protected]", "role"=>"editor", "image"=>"pic.png", "admins"=>""}, "other"=>"update", "id"=>"10"} User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]] Unpermitted parameters: role, admins

(0.0ms) begin transaction SQL (1.0ms) UPDATE "users" SET "first_name" = ?, "last_name" = ?, "email" = ?, "updated_at" = ? WHERE "users"."id" = ? [["first_name", "g"], ["last_name", "g"], ["email", "[email protected]"], ["updated_at", "2016-03-19 18:06:15.488284"], ["id", 1]] (47.0ms) commit transaction Redirected to localhost:8080/profile Completed 302 Found in 54ms (ActiveRecord: 48.0ms)

Upvotes: 0

Views: 292

Answers (2)

yemeni Dream
yemeni Dream

Reputation: 19

after 10 days ,, Yes i did it - the solution is in the name of submit , I named the two submits with diffrent names <%= f.submit "update", name:"other" %> then i used the update action like this 

def update 
    if params[:current]
       @user = current_user
       if @user.update_attributes(user_params)
          redirect_to '/profile'
       else 
          redirect_to '/edit'
       end 

     elsif params[:other]
         @other_user=User.find(params[:id])
         if @other_user.update_attributes(otherusers_params)
            redirect_to '/'
          else 
             redirect_to '/manage'
          end 
     end 

end

Upvotes: 0

toddmetheny
toddmetheny

Reputation: 4443

If it's updating the wrong user, it means that params[:id] is the id of the user being updated. Are you passing the id of the user you want to update in the params? Try calling puts params.inspect at the top of the controller action to see what data is being passed. You need to look up @other_user with their id and you need to make sure that @other_user's id is being passed with the other form data.

Upvotes: 1

Related Questions