Rails user profile page only accessible to correct user
This one should help to detect current_user is correct.
class UsersController < ApplicationController
before_action :check_user
private
def check_user
if current_user != @user
redirect_to root_url, alert: "Sorry, This Profile belongs to someone else !"
end
end
end
Rails - Devise - User Profile url with username on
Change your controller
class UserController < ApplicationController
def profile
@user = User.find_by_username(params[:username])
end
end
Then the route
match 'user/:username' => 'user#profile'
Creating User Profiles
recently i created user profile so that user can add/edit his personal details,see what he has uploaded.what he has liked,posted and edit/delete/update anything that he has created/uploaded.So in user profile all you need is to fetch all details/associated models of that user and show.So as u already have devise..you can get current_user and use user.rb model to understand all associations of user and get the data using associations ans display it on profile page
i have created a profile_controller
so in my nav_bar i have a link_to <% link_to "View Profile",show_profile_path(current_user) %>
where user is directed to profiles controller and i show the details without creating a new model(user has_one :profile
)
i have a dedicated page to show profile details + a small page to show any user profile when hovered on users image
take a look here for view side idea... user profile page on bootstrap 3
=======updated part===========
suppose i have a user.rb
(using devise
)
###different associations of user can be:=
##this user can like/dislike any model having acts_as_votable
acts_as_voter
##user can tags post/audio/videos/images
acts_as_tagger
##my user can create post,pages,upload images/videos/songs/locations etc...
has_many :posts, :class_name => 'Post', :dependent => :destroy
has_many :pages, :class_name => 'Page', :dependent => :destroy
has_many :images, :class_name => 'Image', :dependent => :destroy
has_many :videos, :class_name => 'Video', :dependent => :destroy
has_many :audios, :class_name => 'Audio', :dependent => :destroy
has_many :places, :class_name => 'Place', :dependent => :destroy
has_many :profile_pictures, :class_name => 'ProfilePicture', :dependent => :destroy
#####so..as now i know that **my user can have post/pages/audios/videos** etc...i can also get the details about those associations(assuming you have configured belongs_to in associated models as well + tables with foreign_key as user_id in eash associtated table),such as:-*
##to get all videos that user has uploaded
@user.videos
##same applies for other associated models as well
@user.images..@user.audios...@user.pages.....@user.post....@user.places...@user.profile_pictures...etc
####So now you have all user(current_user data)...
###its time to show data in profiles_controller..
##your show method
## profile#show
def show
@user=User.find current_user.id
@all_user_videos=@user.videos..and so on
##get all user videos/images..etc and show it in your view file
##your view file can be the one that i shared the link or any other way that you want...
###there are lot of ways...google around and then you can get an idea as how to display user_profile page..as now you have the data(*Yipee*)
end##method ends
hope this helps
User profile creation in Rails, with Devise for users?
These are the steps I did to create that kind of environment:
Run these commands on the command line:
rails new pinterest
rails generate scaffold user name:string age:integer
rake db:create
rake db:migrate
Make the route:
# routes.rb
get '/:name' => "users#show"
Update the set_user method to find the user by name
# users_controller.rb
def set_user
@user = User.find_by_name(params[:name])
end
Then all you need to do is create a new user and access it using it's name.
how to not let a user open any other users page?
Just change your UsersController#correct_user
to catch ActiveRecord NotFound exception:
class UsersController < ApplicationController
...
def correct_user
@user = User.find(params[:id])
redirect_to(root_url) unless current_user?(@user)
rescue ActiveRecord::RecordNotFound
redirect_to(root_url)
end
end
Second root which redirects to users profile page when logged in without using Devise
In your static_pages_controller.rb
file just add:
def home
if logged_in?
redirect_to current_user
end
end
How to show public version of user profile in Rails?
There are tons of ways of doing this, and I do not think there is a cleanest way.
I would probably break the page into partials, one partial for each grouping of information you need.
Then you could have variables control which partials get rendered.
For example (in HAML):
- if @admin
render :partial => 'admin_panel'
For the real simple stuff you could inline the if (and not have a partial)
Alternatively, if stuff is getting out of hand, you can have different views for each "show" page.
Related Topics
Upsert Multiple Records with Mongodb
What's Wrong with the Square and Rectangle Inheritance
Rails 3 Caching: Expire Action for Named Route
Overriding Model in Gem, Adding Callback and Methods
How to Build Ruby 2.1.3 on Osx 10.10 Gm 3.0 with Rbenv
State MAChine, Model Validations and Rspec
Grit's Clone Method Is Undefined
Typeerror: Object Doesn't Support This Property or Method
Why Is the Splat Used Inside an Array Definition Here
Problem Running Thinking Sphinx with Rails 2.3.5
How to Access Current_User Object in Model
Ruby on Rails Global Activerecord::Enum