[Ruby On Rails] Description that allows only specific users to transition to the edit page

It is a memorandum.

Premise

MacOS Catalina ruby 2.6.5p114 Rails 6.0.3.4 Introduced devise (using helper method called authenticate_user!)

Description that transitions only a specific user to the edit page

`hoges_controller.rb`


class HogesController < ApplicationController
  before_action :authenticate_user!, only: [:edit]
  before_action :specified_hoge, only: [:edit, :update]
  before_action :specified_user, only: [:edit]

(Omitted)

  def edit
  end

  def update
    if @hoge.update(hoge_params)
      redirect_to root_path
    else
      render :edit
    end
  end

  private

  def hoge_params
    params.require(:hoge).permit(:text).merge(fuga_id: params[:fuga_id], user_id: current_user.id)
  end

  def specified_hoge
    @hoge = Hoge.find(params[:id])
  end

  def specified_user
    redirect_to root_path unless @hoge.user.id == current_user.id 
  end
end

Of the above, the point is here ↓

`hoges_controller.rb`


  before_action :specified_user, only: [:edit]

`hoges_controller.rb`


  def specified_user
    redirect_to root_path unless @hoge.user.id == current_user.id 
  end

Using before_action

Name the method with any name after before_action.
Then specify the corresponding action (this time the edit action with the only option).
Write the process in the method.

By doing so, even if another user manually rewrites the URL and tries to move to the edit page, it can be redirected to the home screen.

In this case, if the user id stored in the hoges table and the currently logged-in user id do not match, you can transition to root_path.

Recommended Posts

[Ruby On Rails] Description that allows only specific users to transition to the edit page

[Ruby on Rails] Only the user who posted can edit

[Ruby on Rails] Posting function that only logged-in users can post

(Ruby on Rails6) Create a function to edit the posted content

How to debug the processing in the Ruby on Rails model only on the console

Determine the current page with Ruby on Rails

How to resolve errors that occur in the "Ruby on Rails" integration test

[Ruby on Rails] How to change the column name

[Ruby on Rails] Implementation of validation that works only when the conditions are met

[rails devise] How to transition users who are not logged in to the login page

[Ruby On Rails] Correct description location of unique constraint that gives uniqueness to DB

[Ruby on Rails] Quickly display the page title in the browser

(Ruby on Rails6) Display of the database that got the id of the database

Delete all the contents of the list page [Ruby on Rails]

Apply CSS to a specific View in Ruby on Rails

[ruby] Creating a program that responds only to specific conditions

How to make an application with ruby on rails (assuming that the environment has been built)

How to use Ruby on Rails

[Ruby on Rails] Confirmation page creation

[Ruby on Rails] Use the resources method to automatically create routes.

Things to remember and concepts in the Ruby on Rails tutorial

[Ruby on Rails] Pass the parameters divided by date_select to FormObject.

[Ruby on Rails] How to log in with only your name and password using the gem devise

Ruby on Rails DB Tips for creating methods to reduce the load

How to solve the local environment construction of Ruby on Rails (MAC)!

[Ruby On Rails] How to search the contents of params using include?

[Ruby on Rails] How to use CarrierWave

part of the syntax of ruby on rails

Deploy to Heroku [Ruby on Rails] Beginner

Preparing to introduce jQuery to Ruby on Rails

[Ruby on Rails] How to use redirect_to

[Ruby on Rails] How to use kaminari

[Ruby on Rails] Button to return to top

[Rails] Display people who have DMed on My Page so that you can link to the chat page! 【memorandum】

[Ruby on Rails] How to make the link destination part of the specified id

[Ruby on Rails] Change the update date and creation date to your favorite notation

[Ruby on Rails] Rails tutorial Chapter 14 Summary of how to implement the status feed

[Ruby on Rails] Try to create a service that makes local cats happy

[Rails] When transitioning to a page with link_to, move to the specified location on the page

[Ruby on Rails] Implement a pie chart that specifies the percentage of colors

[Ruby on Rails] How to Japaneseize the error message of Form object (ActiveModel)

Deploy to Ruby on Rails Elastic beanstalk (EB deploy)

[Rails] Button to return to the top of the page

[Ruby on Rails] How to display error messages

[Ruby on Rails] Until the introduction of RSpec

How to add / remove Ruby on Rails columns

[Ruby On Rails / HTML] How to display the cursor (caret) at an appropriate place when displaying a web page

When the Ruby on Rails terminal rolls back

Publish the app made with ruby on rails

A description that only the poster can access

[Ruby on Rails] How to install Bootstrap in Rails

[Ruby on Rails] How to use session method

[Ruby On Rails] In the nested state, the description in parentheses written after Prefix in the link_to method

[Ruby On Rails] How to use simple_format to display the entered text with line breaks

The CSV file that I was able to download suddenly started to appear on the page.

[rails] Hide navbar and header only on TOP page

[Introduction] Try to create a Ruby on Rails application

[Ruby on Rails] How to write enum in Japanese

[Ruby on Rails Tutorial] Error in the test in Chapter 3

Docker the development environment of Ruby on Rails project

[Updated from time to time] Ruby on Rails Convenient methods