I want to make it impossible to transition to other people's editing screens.

Asked 2 years ago, Updated 2 years ago, 102 views

I would like to set it to be impossible to transition to someone else's post screen.
The RSpec test is stuck failing and I cannot resolve it.
I looked into it, but I couldn't find a solution, so I would appreciate it if you could give me some advice.
Thank you for your cooperation.

Test Results

1) Test Posts Test Edit Test Transition to Edit Other People's Posts Screen Unable to Transition
     Failure/Error: expect(current_path).to eq('/books')

       expected: "/books"
            got: "/books/2/edit"

       (compared using ==)
books controller

class BooksController < ApplicationController
  before_action :authenticate_user!

  def create
    @book = Book.new(book_params)
    @book.user_id = current_user.id
    @books = Book.all
    if @book.save
      flash[:notice] = "successfully"
      redirect_to book_url(@book)
    else
      render :index
    end
  end

  def index
    @book = Book.new
    @books = Book.all
  end

  def show
    @book = Book.find(params[:id])
  end

  def edit
    @book = Book.find(params[:id])
  end

  def update
    @book = Book.find(params[:id])
    if @book.update(book_params)
      flash[:notice] = "You have updated book successfully."
      redirect_to book_path(@book.id)
    else
      render :edit
    end
  end

  def destroy
    @book = Book.find(params[:id])
    @book.destroy
    redirect_to books_url
  end

  private

  def book_params
    params.require(:book).permit(:title, :body)
  end

  # Redirects to the logged-in user's page when the book belongs to someone else
  def correct_user
    @book = Book.find(params[:id])
    if current_user != @book.user
      redirect_to user_path(current_user)
    end
  end

end

ruby-on-rails rspec

2022-09-30 10:18

1 Answers

I would like to set it to not be able to transition to someone else's post screen.

  • Page available only after login
  • Using devise, etc., the logged-in user's information is available via current_user
  • user has_many books

Assume the above.

class BooksController < ApplicationController
  before_action :authenticate_user!
  before_action :set_book

  def show
    # find_by returned nil: the book does not exist or is not the current user's
    redirect_to books_url if @book.blank?
  end

  def set_book
    @book = current_user.books.find_by(id: params[:id])
  end
end

For general web services, 404 is often used when accessing other people's pages.
In that case, it might be better to do the following:

class BooksController < ApplicationController
  before_action :authenticate_user!
  before_action :set_book

  def show
  end

  def set_book
    # find raises ActiveRecord::RecordNotFound when no owned book matches
    @book = current_user.books.find(params[:id])
  end
end

If you don't know the following, please check it out.

  • Difference between find, find_by
  • What happens when find fails


2022-09-30 10:18
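
Added example, not part of the original answer: a framework-free Ruby model of the two lookups the answer contrasts (`find_by` returning nil and redirecting, `find` raising and producing a 404), applied here to the edit, update and destroy actions. `OwnedBooks`, `dispatch`, `OWNER_ONLY` and the sample rows are hypothetical stand-ins constructed for illustration, not ActiveRecord or controller code, and it assumes only those three actions are owner-only.

```ruby
# Framework-free model of the ownership check (constructed data; the classes
# below are stand-ins, not ActiveRecord or ActionController).
class RecordNotFound < StandardError; end
Book = Struct.new(:id, :user_id, :title)
BOOKS = [Book.new(1, 10, "mine"), Book.new(2, 20, "someone else's")].freeze

# Stand-in for current_user.books: every lookup is limited to one owner.
class OwnedBooks
  def initialize(user_id)
    @rows = BOOKS.select { |b| b.user_id == user_id }
  end

  # Like find_by(id: ...): nil when no owned row matches.
  def find_by(id:)
    @rows.find { |b| b.id == id }
  end

  # Like find(id): raises when no owned row matches (Rails answers with 404).
  def find(id)
    find_by(id: id) || raise(RecordNotFound, "Couldn't find Book with id=#{id}")
  end
end

OWNER_ONLY = %i[edit update destroy].freeze

# Returns [status, location]; policy is :redirect (find_by) or :not_found (find).
def dispatch(current_user_id, action, book_id, policy: :redirect)
  if OWNER_ONLY.include?(action)
    books = OwnedBooks.new(current_user_id)
    if policy == :redirect
      return [302, "/books"] if books.find_by(id: book_id).nil?
    else
      books.find(book_id)
    end
  end
  [200, nil]
rescue RecordNotFound
  [404, nil]
end
```

Because the lookup starts from the owner's records, a book that belongs to someone else and a book that does not exist give the same response, so the reply does not reveal which ids are in use.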
