Hi. I have a problem in restful routing. My project is a discussion
forum.
The route is
map.resources :forums do |forum|
forum.resources :topics do |topic|
topic.resources :posts
end
end
Everything in the code I wrote are working good.
An example url for a show action of a forum post would be
http://localhost:3000/forums/3/topics/4/posts/90
Now if i replace 90 by 200, I get the post with id 200 which doesn''t
belong to topic id 4.
How can i prevent this?
Thank you
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
I would think that the find code in your PostsController is something like
@post = Post.find(params[:id])
This of course directly gets the Post with the id specified in the URL.
What you can do to get around it is to drilldown from the Forum, Topic
and then Post. Something like this:
@forum = Forum.find(params[:forum_id], :include => { :topics => :posts } )
@topic = @forum.topics.select { |topic| topic.id =params[:topic_id].to_i }.first
@post = @topic.posts.select { |post| post.id == params[:id].to_i }.first
Please note that the code above is not robust as it does not check for nils.
If @topic were nil for example, the last line to get the post will bomb out.
/franz
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
Thanks a lot. I will try this out now -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
I am not sure if this is correct approach but you could apply the before filter that could check if given post belongs to given topic (and the topic belongs to given forum :) ) On Oct 13, 11:32 am, Rock Roll <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Hi. I have a problem in restful routing. My project is a discussion > forum. > > The route is > > map.resources :forums do |forum| > forum.resources :topics do |topic| > topic.resources :posts > end > end > > Everything in the code I wrote are working good. > > An example url for a show action of a forum post would be > > http://localhost:3000/forums/3/topics/4/posts/90 > > Now if i replace 90 by 200, I get the post with id 200 which doesn''t > belong to topic id 4. > > How can i prevent this? > > Thank you > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---