Reputation: 650
So I've used the logic in the "authentication from scratch" railscast at http://railscasts.com/episodes/250-authentication-from-scratch and it seems to work and I can stick a "You are logged in as..." message at the top of the page.
But if I want to do something like log who submitted a post I've hit a bit of a wall.
I don't want to submit it through a hidden field in the new post form, because I guess there are security issues with that.
I don't want to use the "belongs to" logic in the rails tutorial at http://ruby.railstutorial.org/ruby-on-rails-tutorial-book because although it would technically work here, I might in the future need to log who created an entry where the "belongs to" relationship doesn't exist.
What I tried to do was create a "before save" function call in my post model that assigns a "created_by" value, but I guess models can't access the current_user that was created as per the authentication railscast.
So now I've got no idea how to do something like this.
EDIT: New to Ruby, new to ERD, all that, but what I mean by the belongs to relationship doesn't exist is if there were, say, a rating system for posts, each rating would belong to a post. But I'd also want to log who submitted each rating.
Upvotes: 5
Views: 13252
Reputation: 1475
(alternative to Aldo 'xoen' Giambelluca answer)
I think you should use a belongs_to
relationship as explained by loosecannon, but if you really don't want, add the following method in your User
class:
def new_post(params)
post = Post.new(params)
post.created_by = id
post
end
and in your controller:
def create
@post = current_user.new_post(params[:post])
if @post.save
redirect_to @post, notice: 'Post successfully created'
else
render 'new'
end
end
Upvotes: 0
Reputation: 12475
If I understand well the problem you have is the fact you can't see which user is currently loggen using current_user
helper method in your model, you can just set the created_by
attribute of the post in the Post
controller before to save it, something like:
def create
@post = Post.new(params[:post])
@post.created_by = current_user.id
if @post.save
redirect_to whereyouwant_url, :notice => "Post successfully created"
else
render "new"
end
end
Upvotes: 7
Reputation: 7803
Ok, not sure what complications exist, but here goes:
so addind a belongs_to
makes the post have a field called user_id
that is a foreign key for the user's id. if you added a created by, this would do the same thing, except you would have to program the updating and derefreneces yourself. I think that this is probably the best way to get this functionality, and you would just have to add it later to the parts that don't have it, but rails makes it easy.
class User < ActiveRecord::Base
has_many :posts
end
class Post < ActiveRecord::Base
belongs_to :user, :as => :created_by
end
post.created_by
user.posts
would give you access to that user, and is this is equivalent to using what you talked about, except rails would do its magic and add methods for you.
EDIT: if this doesn't work for you, sorry your question wasn't clear on why you needed certain things, but you can always add belongs to relationship pretty easy, thats what I would recommend.
Upvotes: 0