I am fairly new to Ruby On Rails and right now I am doing

Question

0

Asked: May 17, 20262026-05-17T15:08:41+00:00 2026-05-17T15:08:41+00:00

I am fairly new to Ruby On Rails and right now I am doing

0

I am fairly new to Ruby On Rails and right now I am doing a simple app. In this app a user can create many items and I use devise for authentication. Ofcourse I want to make sure that you are the owner in order to delete items (Teams, Players etc) and the way I do it now is:

def destroy
    @team = Team.find(params[:id])
    if current_user.id == @team.user_id 
      @team.destroy    
      redirect_to(teams_url, :notice => 'The team was deleted.')
    else
      redirect_to root_path
    end      
end

Is this the best way? I was thinking about putting a method in the model but I am not sure I can access current_user from there. I was also thinking about a before_filer, something like:

before_filter :check_ownership, :only => [:destroy, :update]

I that case and if I want to code only one method for all objects (all objects this relates to have a “user_id”-field)

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-17T15:08:41+00:00

Editorial Team

2026-05-17T15:08:41+00:00Added an answer on May 17, 2026 at 3:08 pm

In my application controller I put:

before_filter :authorize

def authorize
  false # Or use code here to check if user is admin or not
end

Then I override the authorize method in my actual controller to allow access to various actions.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am fairly new to Ruby On Rails and right now I am doing

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply