I've never had an error in programming, but since the developer is also a human being, I can make mistakes, and network errors can cause the developer to make an error. There are various types of errors, but there are many situations where you should write a process such as "If such an error occurs, do this", but it is a basic usage of rescue and rescue_from that can be used in such cases.
rescue You can use rescue to pick up an error and write what to do next. The following is the difference between the case without rescue and the case with rescue.
The User class creates a user so that it only has a name column.
> user = User.new('Yamada')
=> #<User:0x00007ff0fa896758 @name="Yamada">
> user.name
=> "Yamada"
Create a puts_info method in the User class and execute it.
class UsersController < ActionController::Base
def puts_info
"Name is" + name
end
end
> user.puts_info
=>The name is Yamada
Add the age method that does not exist to the puts_info method and execute it.
class UsersController < ActionController::Base
def puts_info
"Name is" + name
"Age is" + age
end
end
> user.name
=> "Yamada"
> user.puts_info
=> NameError (undefined local variable or method `age' for #<User:0x00007fdeb98f3ed8 @name="Yamada">)
I got a NameError. I will write the processing in case of an error using rescue.
class UsersController < ActionController::Base
def puts_info
"Name is" + name
"Age is" + age
rescue => e
"It is an error"
end
end
> user.puts_info
=> "It is an error"
rescue_from
rescue_from allows you to handle certain types or multiple types of exceptions in one controller as a whole and its subclasses.
record_not_found.class UsersController < ActionController::Base
rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
private
def record_not_found
render plain: "404 Not Found", status: 404
end
end
1, On the Client controller, perform the permission check process with before_action before executing the edit action.
Do current_user.admin? inside the check_authorization method, and if you are not an administrator, use raise to raise the exception ʻUser :: NotAuthorized`.
class ClientsController < ApplicationController
before_action :check_authorization
def edit
@client = Client.find(params[:id])
end
private
def check_authorization
raise User::NotAuthorized unless current_user.admin?
end
end
2, Write the process to execute the ʻuser_not_authorized method in the case of the error ʻUser :: NotAuthorized in ApplicationController.
class ApplicationController < ActionController::Base
rescue_from User::NotAuthorized, with: :user_not_authorized
private
def user_not_authorized
flash[:error] = "You do not have permission to access this page."
redirect_back(fallback_location: root_path)
end
end
By doing this, in the case of a permission error, you can display "You do not have permission".
You don't have to worry about permissions inside the edit action.
If there are methods other than edit that require administrator privileges, you can use before_action to execute check_authorization.
https://railsguides.jp/action_controller_overview.html#rescue