Home/ Questions/Q 882475
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T12:25:56+00:00

I have an application with set limits on subscription attributes i/e a user can

  • 0

I have an application with set limits on subscription attributes i/e a user can have five projects for subscription A but have ten for subscription B

At present I run a check on there current usage when linking to the create action and if they are over there limit I do not display the link to create a new project. On the view (for the new project ) I again run the check (in a helper) to see if they can create a new project and if they are not I display a message stating so and a little upgrade link.

Is this a secure method of stopping a user bypassing there subscription attribute limitations ?

What about direct PUT requests etc ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can also validate that the user’s subscription allows starting a new project when a new project is created. This guarantee that even if they posted directly to the new_project_path they would get an error.

    class Project

  belongs_to :user

  validate_on_create :subscription_allows_new_project

  def subscription_allows_new_project
    unless self.user.subscription.max_projects > self.user.projects.count
      errors.add_to_base("Project limit reached, please upgrade today!")
    end
  end

end
    • 0