thr3ads.net - Rails - Users have roles now but how can they edit there own posts. [Feb 2007]

If this information is useful, please help other people find it:
Share via:

GA Gorter

2007-Feb-14 11:50 UTC

Users have roles now but how can they edit there own posts.

Using the book Rails recipes i found out how i can set different roles
for different types of users.
everything works well when a user registerd himself he gets
automatically the right role for user.

But now i have another problem.
How can i make that users can edit only there own posts.
Is there a howto or something

-- 
Posted via http://www.ruby-forum.com/.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Russell Norris

2007-Feb-14 14:24 UTC

head link

Re: Users have roles now but how can they edit there own posts.

I''d try something like Post has_many [or has_one] :users then check
user is
in the array of users [or is the one user].

RSL

On 2/14/07, GA Gorter
<rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:>
>
> Using the book Rails recipes i found out how i can set different roles
> for different types of users.
> everything works well when a user registerd himself he gets
> automatically the right role for user.
>
> But now i have another problem.
> How can i make that users can edit only there own posts.
> Is there a howto or something
>
> --
> Posted via http://www.ruby-forum.com/.
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Thorsten L

2007-Feb-14 14:45 UTC

head link

Re: Users have roles now but how can they edit there own posts.

As you would have to do that check for more than one action, namely
the edit action (which displays the edit form), the update action that
updates the record, and the delete action that deletes it (if users
are allowed for that), i would suggest using a before_filter that gets
the post in Question, and checks if the user who wrote it is the user
who requested the action:

class Posts < ActionController

before_filter :check_priviliges, :only => [:edit,:update,:delete]

....your actions....

private
def check_priviliges
  @post = Post.find_by_id(params[:id],:include => :user)
  if @post.user.id = session[:user][:id]
    true
  else
    redirect_to ....your error_page....
  end
end

end

of course the Post Model needs to have a relationship to User:

class User < ActiveRecord
  has_many :posts
end
class User < ActiveRecord
  belongs_to :user
end

You can also additionally check in the before_filter, weither the user
is an Admin, if Admins can edit all Posts, for example.
As i don''t know Rails Recipes Book the above code is only a pointer as
your book''s example probably handles users/sessions a bit differently.

Greets.

On 14 Feb., 15:24, "Russell Norris"
<sco...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> I''d try something like Post has_many [or has_one] :users then
check user is
> in the array of users [or is the one user].
>
> RSL
>
> On 2/14/07, GA Gorter
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:
>
>
>
>
>
> > Using the book Rails recipes i found out how i can set different roles
> > for different types of users.
> > everything works well when a user registerd himself he gets
> > automatically the right role for user.
>
> > But now i have another problem.
> > How can i make that users can edit only there own posts.
> > Is there a howto or something
>
> > --
> > Posted viahttp://www.ruby-forum.com/.- Zitierten Text ausblenden -
>
> - Zitierten Text anzeigen -

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Russell Norris

2007-Feb-14 15:26 UTC

head link

Re: Users have roles now but how can they edit there own posts.

I didn''t say I was giving you _everything_ you need to solve the
problem.
Just a headstart. ;)

RSL

On 2/14/07, Thorsten L <duplexxx-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org>
wrote:>
>
> As you would have to do that check for more than one action, namely
> the edit action (which displays the edit form), the update action that
> updates the record, and the delete action that deletes it (if users
> are allowed for that), i would suggest using a before_filter that gets
> the post in Question, and checks if the user who wrote it is the user
> who requested the action:
>
> class Posts < ActionController
>
> before_filter :check_priviliges, :only => [:edit,:update,:delete]
>
> ....your actions....
>
> private
> def check_priviliges
>   @post = Post.find_by_id(params[:id],:include => :user)
>   if @post.user.id = session[:user][:id]
>     true
>   else
>     redirect_to ....your error_page....
>   end
> end
>
> end
>
> of course the Post Model needs to have a relationship to User:
>
> class User < ActiveRecord
>   has_many :posts
> end
> class User < ActiveRecord
>   belongs_to :user
> end
>
> You can also additionally check in the before_filter, weither the user
> is an Admin, if Admins can edit all Posts, for example.
> As i don''t know Rails Recipes Book the above code is only a
pointer as
> your book''s example probably handles users/sessions a bit
differently.
>
> Greets.
>
> On 14 Feb., 15:24, "Russell Norris"
<sco...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> > I''d try something like Post has_many [or has_one] :users then
check user
> is
> > in the array of users [or is the one user].
> >
> > RSL
> >
> > On 2/14/07, GA Gorter
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:
> >
> >
> >
> >
> >
> > > Using the book Rails recipes i found out how i can set different
roles
> > > for different types of users.
> > > everything works well when a user registerd himself he gets
> > > automatically the right role for user.
> >
> > > But now i have another problem.
> > > How can i make that users can edit only there own posts.
> > > Is there a howto or something
> >
> > > --
> > > Posted viahttp://www.ruby-forum.com/.- Zitierten Text ausblenden
-
> >
> > - Zitierten Text anzeigen -
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

GA Gorter

2007-Feb-14 15:58 UTC

head link

Re: Users have roles now but how can they edit there own pos

I set all the relationnshiops so as describes here and in the books.
But the user_id  is NULL at each post.
with comments the post_id works well but with user_id the database alays
returns null

-- 
Posted via http://www.ruby-forum.com/.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

GA Gorter

2007-Feb-14 16:07 UTC

head link

Re: Users have roles now but how can they edit there own pos

Okay it''s only possible with a select to set the user_id not 
automatically at the moment.

-- 
Posted via http://www.ruby-forum.com/.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Rails - Feb 2007 - Users have roles now but how can they edit there own posts.

Users have roles now but how can they edit there own posts.

Re: Users have roles now but how can they edit there own posts.

Re: Users have roles now but how can they edit there own posts.

Re: Users have roles now but how can they edit there own posts.

Re: Users have roles now but how can they edit there own pos

Re: Users have roles now but how can they edit there own pos