Home/ Questions/Q 6973011
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T17:03:12+00:00

I am currently reading a book, and learning ruby on rails. (Agile Web Development

  • 0

I am currently reading a book, and learning ruby on rails. (Agile Web Development with Rails 4th Edition) .In the book it says how to write a simple product list and display it. I am modifying this idea, to create a user login system.
I am only working on the views now.

So I just need to make sure that my idea is right. My idea is:

The show.html file from the USER model, show data for one user. (given of course its ID)
for example : http://localhost:3000/users/980190974 will give me the html page for the current user right? Now I can allow the user to edit his/her information by using the
<%= link_to 'Edit', edit_user_path(@user) %> link or restrict him from viewing other users by removing the <%= link_to 'Back', users_path %> << that lists all the users from the database. But before the user views his/her details he must login, using his email and password. So by making an html page, that takes 2 strings (username, and password) searches my mySQL database and return the user ID , that I then use to “render” the user’s HTML page.

Is my way of thinking correct? Or am I just completely irrelevant on how Ruby on Rails works? O_o

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You are heading in the right direction. One thing to point out is that simply removing the link <%= link_to 'Back', users_path %> is not sufficient to avoid other users from accessing the /users path. In the (user) controller you have to use something like:

    class UserController < ApplicationController
  def index
    unless current_user.is_admin
      redirect_to user_path(current_user)
      return
    end
    ... rest of code here
  end
end

    where current_user could be a method returning the user object

    • 0