I’m trying to add a button to mark a reply as read in Rails. I currently have something like this.
# /app/models/ability.rb
...
can :manage, Reply, :user_id => user.id
...
I also have load_and_authorize_resource in my RepliesController.
# /app/controllers/replies_controller.rb
class RepliesController < ApplicationController
  load_and_authorize_resource

  def update
    @reply = Reply.find(params[:id])
    @reply.isRead = true
    if @reply.save
      flash[:notice] = "Marked as read."
      flash[:alert] = params[:id]
      redirect_to root_path
    else
      render :action => 'new'
    end
  end
end
I have a button where users can mark a Reply as read.
= button_to "Mark as read", idea_reply_path(reply.idea,reply), :method => "put"
The problem is that, since I’m trying to update an object owned by another user.id (as defined in ability.rb above), I don’t have privileges to edit it.
If I add something like this it will work, but I’m also giving the other person rights to manage the whole reply object.
can :manage, Reply, :to_user_id => user.id
I need a way to only allow the user to manage the attribute isRead of an object where his user.id matches the to_user_id.
You can define a new action in the controller, like mark_as_read,
and in the abilities define
The ordering is very important. Now the logged-in User can manage Replies, and the user who is the to_user will have only the ability to mark_as_read.
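As an added example (not code from the question or the answer), here is a stand-alone Ruby sketch of the two rules the answer describes: the owner keeps :manage, the recipient gets only :mark_as_read, and the controller-side action touches nothing but isRead. CanCan itself is not loaded, so its rule matching is stood in for by a small Ability class with the same can / can? shape, and Reply and User are Structs constructed here.

```ruby
# Constructed stand-ins for the ActiveRecord model and the current user.
Reply = Struct.new(:id, :user_id, :to_user_id, :isRead)
User  = Struct.new(:id)

# Minimal stand-in for CanCan's rule evaluation (assumption: the real gem is
# not loaded). As in CanCan, :manage covers every action, hash conditions are
# compared against the object's attributes, and the last matching rule wins.
class Ability
  Rule = Struct.new(:action, :subject, :conditions)

  def initialize(user)
    @rules = []
    # Owner of the reply may do anything with it.
    can :manage, Reply, user_id: user.id
    # Recipient of the reply may only mark it as read.
    can :mark_as_read, Reply, to_user_id: user.id
  end

  def can(action, subject, conditions = {})
    @rules << Rule.new(action, subject, conditions)
  end

  # Walk the rules from last to first and stop at the first match.
  def can?(action, object)
    @rules.reverse.any? do |r|
      (r.action == :manage || r.action == action) &&
        object.is_a?(r.subject) &&
        r.conditions.all? { |attr, val| object[attr] == val }
    end
  end
end

# Equivalent of the suggested mark_as_read controller action: it checks the
# narrow :mark_as_read ability and changes only the isRead flag, so the
# recipient never gets a path to the other attributes or to destroy.
def mark_as_read(user, reply)
  return false unless Ability.new(user).can?(:mark_as_read, reply)
  reply.isRead = true
  true
end
```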