Rails User Profile Page Only Accessible to Correct User

Rails user profile page only accessible to correct user

This one should help to detect current_user is correct.

class UsersController < ApplicationController

    before_action :check_user

    private

    def check_user
      if current_user != @user
        redirect_to root_url, alert: "Sorry, This Profile belongs to someone else !"
      end
    end
end

Rails - Devise - User Profile url with username on

Change your controller

class UserController < ApplicationController
  def profile
    @user = User.find_by_username(params[:username])
  end
end

Then the route

match 'user/:username' => 'user#profile'

Creating User Profiles

recently i created user profile so that user can add/edit his personal details,see what he has uploaded.what he has liked,posted and edit/delete/update anything that he has created/uploaded.So in user profile all you need is to fetch all details/associated models of that user and show.So as u already have devise..you can get current_user and use user.rb model to understand all associations of user and get the data using associations ans display it on profile page

i have created a profile_controller
so in my nav_bar i have a link_to <% link_to "View Profile",show_profile_path(current_user) %>

where user is directed to profiles controller and i show the details without creating a new model(user has_one :profile)

i have a dedicated page to show profile details + a small page to show any user profile when hovered on users image

take a look here for view side idea... user profile page on bootstrap 3

=======updated part===========

suppose i have a user.rb(using devise)

###different associations of user can be:=
 ##this user can like/dislike any model having acts_as_votable
acts_as_voter
##user can tags post/audio/videos/images
acts_as_tagger
##my user can create post,pages,upload images/videos/songs/locations etc...
has_many :posts, :class_name => 'Post', :dependent => :destroy
has_many :pages, :class_name => 'Page', :dependent => :destroy
has_many :images, :class_name => 'Image', :dependent => :destroy
has_many :videos, :class_name => 'Video', :dependent => :destroy
has_many :audios, :class_name => 'Audio', :dependent => :destroy
has_many :places, :class_name => 'Place', :dependent => :destroy
has_many :profile_pictures, :class_name => 'ProfilePicture', :dependent => :destroy

#####so..as now i know that **my user can have post/pages/audios/videos** etc...i can also get the details about those associations(assuming you have configured belongs_to in associated models as well + tables with foreign_key as user_id in eash associtated table),such as:-*

##to get all  videos that user has uploaded
@user.videos
##same applies for other associated models as well
@user.images..@user.audios...@user.pages.....@user.post....@user.places...@user.profile_pictures...etc
####So now you have all user(current_user data)...
###its time to show data in profiles_controller..
##your show method
## profile#show
def show
@user=User.find current_user.id
@all_user_videos=@user.videos..and so on
##get all user videos/images..etc and show it in your view file
##your view file can be the one that i shared the link or any other way that you want...
###there are lot of ways...google around and then you can get an idea as how to display user_profile page..as now you have the data(*Yipee*)

end##method ends

hope this helps

User profile creation in Rails, with Devise for users?

These are the steps I did to create that kind of environment:
Run these commands on the command line:

rails new pinterest
rails generate scaffold user name:string age:integer
rake db:create
rake db:migrate

Make the route:

# routes.rb
get '/:name' => "users#show"

Update the set_user method to find the user by name

# users_controller.rb
def set_user
  @user = User.find_by_name(params[:name])
end

Then all you need to do is create a new user and access it using it's name.

how to not let a user open any other users page?

Just change your UsersController#correct_user to catch ActiveRecord NotFound exception:

class UsersController < ApplicationController
  ...

  def correct_user
    @user = User.find(params[:id])
    redirect_to(root_url) unless current_user?(@user)
  rescue ActiveRecord::RecordNotFound
    redirect_to(root_url)
  end

end

Second root which redirects to users profile page when logged in without using Devise

In your static_pages_controller.rb file just add:

def home 
 if logged_in? 
  redirect_to current_user 
 end 
end

How to show public version of user profile in Rails?

There are tons of ways of doing this, and I do not think there is a cleanest way.

I would probably break the page into partials, one partial for each grouping of information you need.

Then you could have variables control which partials get rendered.

For example (in HAML):

- if @admin
  render :partial => 'admin_panel'

For the real simple stuff you could inline the if (and not have a partial)

Alternatively, if stuff is getting out of hand, you can have different views for each "show" page.


Related Topics

Upsert Multiple Records with Mongodb

Ruby Net-Ssh Login Shell

What's Wrong with the Square and Rectangle Inheritance

Rails 3 Caching: Expire Action for Named Route

Overriding Model in Gem, Adding Callback and Methods

How to Build Ruby 2.1.3 on Osx 10.10 Gm 3.0 with Rbenv

State MAChine, Model Validations and Rspec

Grit's Clone Method Is Undefined

Typeerror: Object Doesn't Support This Property or Method

Why Is the Splat Used Inside an Array Definition Here

Problem Running Thinking Sphinx with Rails 2.3.5

How to Access Current_User Object in Model

Getting Actioncontroller::Routingerror (No Route Matches [Options] "/Users" When Trying to Post Data to Rails Server with Angularjs

Ruby on Rails Global Activerecord::Enum

What Is $_[0] ,$_[1] in Ruby

How to Start Ruby 1.9 Without Rubygems

Blocks & Procs in Ruby

Convert Ip Address to 32 Bit Integer in Ruby


Leave a reply



Submit