I have 3 Controllers: Sites, Users & Sessions. I have all of the authentication

Question

0

Asked: May 27, 20262026-05-27T05:45:12+00:00 2026-05-27T05:45:12+00:00

I have 3 Controllers: Sites, Users & Sessions. I have all of the authentication

0

I have 3 Controllers: Sites, Users & Sessions. I have all of the authentication setup, and I set the object current_user in the applications controller once a user logs in. Now, all I want to do is only allow users to see their sites (the sites model has a: “belongs_to :user”).

class SitesController < ApplicationController

def index
    #this was Site.all, but I changed it. Is there a better way to do this?
    @sites = Site.find_all_by_user_id(current_user.id)
    # respond to ... etc
end

# Now, for show, edit and update, I want to ensure the site belongs to the user. How can I add that?
def show
    @site = Site.find(params[:id])
    # respond to ... etc
end

If more information is needed (the model, entire controller, etc), just let me know and I’ll ad it!

Thanks!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T05:45:13+00:00

Editorial Team

2026-05-27T05:45:13+00:00Added an answer on May 27, 2026 at 5:45 am

I can’t catch up your idea very clearly. But seems what you want is something like below:

def show
    @site = Site.find(params[:id])

    # check if the site belong to current user
    redirect_to some_user_default_path if @sites.user != @current_user

    # respond to ... etc
end

Hope it can help.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have 3 Controllers: Sites, Users & Sessions. I have all of the authentication

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply