Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Posts controller...
- ...
- #I want to allow only the post owner to be able to view "show" their own post(s)
- ...
- # this will work
- def show
- @post = current_user.posts.find(params[:id])
- if @post.nil?
- flash[:notice] = 'Access Denied'
- redirect_to :action => 'index'
- return
- end
- respond_to do |format|
- format.html # show.html.erb
- format.xml { render :xml => @post }
- end
- end
- # I would do this though
- def show
- @post = current_user.posts.find(params[:id])
- (render(:nothing => true, :status => 403) && return) if @post.nil?
- respond_to do |format|
- format.html # show.html.erb
- format.xml { render :xml => @post }
- end
- end
- ... other basic crud methods
- ...
Add Comment
Please, Sign In to add comment