ruby on rails - How to Hide "Private" Show Pages from Other Users?


In other words, if a user types in, for example:

http://0.0.0.0:3000/goals/3

they are able to see the user's goal even if the user submitted it via "private". I had overlooked this because, as it stands, submitting via "private" hides the goal from the user's profile and feed, but not if a user directly searches via the URL.

How can I fix this?

goals_controller

    class GoalsController < ApplicationController
      before_action :set_goal, only: [:show, :edit, :update, :destroy, :like, :user_goals]
      before_action :logged_in_user, only: [:create, :destroy]
      before_action :correct_user, only: [:edit, :update, :destroy]

      def index
        if params[:tag]
          @goals = Goal.tagged_with(params[:tag])
        elsif params[:user_id]
          @accomplished_goals = User.find(params[:user_id]).goals.accomplished.order("deadline")
          @unaccomplished_goals = User.find(params[:user_id]).goals.unaccomplished.order("deadline")
        else
          @accomplished_goals = current_user.goals.accomplished.order("deadline")
          @unaccomplished_goals = current_user.goals.unaccomplished.order("deadline")
        end
      end

      def user_goals
        @goals = Goal.find_by({user_id: params[:user_id]})
        render :index # or other view
      end

      def show
        # Loads any goal by id; nothing here checks the owner or the private flag
        @goal = Goal.find(params[:id])
        @commentable = @goal
        @comments = @commentable.comments
        @comment = Comment.new
        @notable = @goal
        @notes = @notable.notes
        @note = Note.new
        @correct_user = current_user.goals.find_by(id: params[:id])
      end

      def new
        @goal = current_user.goals.build
      end

      def edit
      end

      def create
        @goal = current_user.goals.build(goal_params)
        if (params[:commit] == 'conceal')
          @goal.conceal = true
          @goal.save
          redirect_to @goal, notice: 'goal created'
        elsif @goal.save
          track_activity @goal
          redirect_to @goal, notice: 'goal created'
        else
          flash.now[:danger] = 'required field: "enter goal"'
          render 'new'
        end
      end

      def update
        if @goal.update(goal_params)
          redirect_to goals_url, notice: 'goal updated'
        else
          render action: 'edit'
        end
      end

      def destroy
        @goal.destroy
        redirect_to goals_url
      end

      def like
        @goal = Goal.find(params[:id])
        @goal_like = current_user.goal_likes.build(goal: @goal)
        if @goal_like.save
          @goal.increment!(:likes)
          flash[:success] = 'thanks liking!'
        else
          flash[:error] = 'two many likes'
        end
        redirect_to(:back)
      end

      private

        def set_goal
          @goal = Goal.find(params[:id])
        end

        # Only the owner may edit, update or destroy a goal
        def correct_user
          @goal = current_user.goals.find_by(id: params[:id])
          redirect_to root_url, notice: "not authorized edit goal" if @goal.nil?
        end

        def goal_params
          params.require(:goal).permit(:name, :like, :deadline, :accomplished, :tag_list, :comment, :private_submit)
        end
    end

goal.rb

    class Goal < ActiveRecord::Base
      scope :publish, -> { where(:conceal => false) }
      belongs_to :user
      scope :accomplished, -> { where(accomplished: true) }
      scope :unaccomplished, -> { where(accomplished: false) }
    end

Is private_submit a boolean field?

If so, here's a quick way to make the show page private if the private_submit field has a value of "true".

    class GoalsController < ApplicationController
      # remove :edit, :update, :destroy and :user_goals below, as the action is duplicated
      before_action :set_goal, only: [:show, :like]

      def show
        ## remove:  @goal = Goal.find(params[:id])
      end

      def like
        # remove, as it's already being called in set_goal:
        # @goal = Goal.find(params[:id])
        ...
      end

      ...

      def set_goal
        @goal = Goal.find(params[:id])
        redirect_to(:back) unless @goal.user_id == current_user.id or @goal.private_submit == false
      end

    end
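The same owner-or-public rule as a plain-Ruby sketch that runs without Rails (an added example, not code from the question or the answer). It answers 404 for a private goal that belongs to someone else, so a guessed id reveals nothing, and it tolerates a logged-out visitor. Assumptions: private_submit is a boolean, as the answer supposes; the User and Goal structs, GOALS, find_visible_goal and show_status are hypothetical stand-ins with constructed data.

```ruby
# Plain-Ruby stand-ins for the page's User and Goal models (constructed data, no Rails).
User = Struct.new(:id)
Goal = Struct.new(:id, :user_id, :private_submit) do
  # The owner always sees the goal; everyone else only when it is not private.
  # viewer may be nil (logged-out visitor), so viewer.id is never called unguarded.
  def visible_to?(viewer)
    return true unless private_submit
    !viewer.nil? && viewer.id == user_id
  end
end

class NotFound < StandardError; end

# Hypothetical in-memory table standing in for the goals table.
GOALS = [
  Goal.new(1, 10, false), # public goal of user 10
  Goal.new(3, 10, true)   # private goal of user 10
].freeze

# Scoped lookup: a private goal of another user is indistinguishable from a
# missing or malformed id, so the response does not confirm that it exists.
def find_visible_goal(id, viewer)
  goal = GOALS.find { |g| g.id == Integer(id, 10) }
  raise NotFound, "goal #{id}" if goal.nil? || !goal.visible_to?(viewer)
  goal
rescue ArgumentError, TypeError
  raise NotFound, "goal #{id.inspect}"
end

# HTTP status a show action would return for GET /goals/:id.
def show_status(id, viewer)
  find_visible_goal(id, viewer)
  200
rescue NotFound
  404
end
```

In a Rails controller the same rule would live in set_goal, so that every action loading a goal by id goes through it.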
