My Rails 3.2 project has a devise-generated user and a set of models that all contain data that’s specific to that user. I want a logged-in user to be able to access only his own data through the APIs exposed by the controllers.
Now, a brute-force way to enable this would be to change each and every controller from something like:
    def index
      @stuff = Stuff.all
    end
to
    def index
      @stuff = Stuff.find_all_by_user_id current_user.id
    end
And I have to repeat this for every single action of every single controller. Is there perhaps a more succinct and DRY way of achieving the same effect? The amount of boilerplate I have to write feels wrong.
Thanks!
Take a look at the CanCan gem.
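The pattern the question is after is to declare the ownership rule once and route every action through it. The sketch below is an added example in plain Ruby, not code from the original posts and not CanCan's API; `Record`, `OwnerScope`, `ScopedController` and the sample rows are hypothetical stand-ins for the Rails models and controllers.

```ruby
# Added illustration: plain Ruby, runs without Rails or any gem.
# All class names and rows here are constructed for the example.
Record = Struct.new(:id, :user_id, :body)
User   = Struct.new(:id)

class NotFound < StandardError; end

# Constructed sample data: two users' rows living in the same "table".
STUFF = [Record.new(1, 10, "alice-a"),
         Record.new(2, 10, "alice-b"),
         Record.new(3, 20, "bob-a")]

# The single place where the ownership rule lives. Every read goes
# through this filter, so an individual action cannot forget it.
class OwnerScope
  def initialize(rows, user)
    @rows = rows.select { |r| r.user_id == user.id }
  end

  def all
    @rows
  end

  # A row owned by someone else is reported exactly like a missing row,
  # so the response does not confirm that the id exists.
  def find(id)
    @rows.find { |r| r.id == id } || raise(NotFound, "no record #{id}")
  end
end

# Base controller: a subclass names its collection once and inherits
# actions that are already scoped to the current user.
class ScopedController
  def self.resource(rows)
    @rows = rows
  end

  def self.rows
    @rows
  end

  def initialize(current_user)
    @scope = OwnerScope.new(self.class.rows, current_user)
  end

  def index
    @scope.all
  end

  def show(id)
    @scope.find(id)
  end
end

class StuffController < ScopedController
  resource STUFF
end
```
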