{"id":1118,"date":"2015-08-04T06:37:39","date_gmt":"2015-08-04T06:37:39","guid":{"rendered":"http:\/\/www.honobono-life.info\/wpeng\/?p=1118"},"modified":"2015-08-04T06:37:39","modified_gmt":"2015-08-04T06:37:39","slug":"update-require-the-right-user","status":"publish","type":"post","link":"http:\/\/www.honobono-life.info\/wpeng\/update-require-the-right-user\/","title":{"rendered":"Ruby on Rails Tutorial update require the right user"},"content":{"rendered":"

1)Rails controller<\/strong><\/p>\r\n\r\n

$ vi app\/controllers\/users_controller.rb<\/p>\r\n\r\n

\r\nclass UsersController < ApplicationController\r\n  before_action :correct_user,   only: [:update]\r\n\r\n  private\r\n    def correct_user\r\n      user = User.find(params[:id])\r\n      remember_token = User.encrypt(cookies[:remember_token])\r\n      current_user ||= User.find_by(remember_token: remember_token)\r\n      if current_user != user\r\n        render status: :unauthorized\r\n      end\r\n    end<\/pre>\r\n\r\n
2)AngularJS controller<\/strong><\/p>\r\n\r\n
$ vi app\/assets\/javascripts\/mymodule.js.erb<\/p>\r\n\r\n
\r\nmyModule.controller("UsersNewCtrl", function($scope, userResource, $location, flashService, $routeParams, sessionResource, $q) {\r\n......\r\n......\r\n  var deferred = $q.defer();\r\n  deferred.promise.then(function (result) {\r\n    var user_info = result;\r\n    if ($routeParams.id) {\r\n      if (user_info.user.id == $routeParams.id) {\r\n.........\r\n<\/pre>","protected":false},"excerpt":{"rendered":"
1)Rails controller $ vi app\/controllers\/users_controller.rb class UsersController < ApplicationController before_action :correct_user, only: [:update] private def correct_user user = User.find(params[:id]) remember_token = User.encrypt(cookies[:remember_token]) current_user ||= User.find_by(remember_token: remember_token) if current_user != user render status: :unauthorized end end 2)AngularJS controller $ vi app\/assets\/javascripts\/mymodule.js.erb myModule.controller("UsersNewCtrl", function($scope, userResource, $location, flashService, $routeParams, sessionResource, $q) { …… …… var deferred = $q.defer(); […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[137],"tags":[35,168,170],"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/posts\/1118"}],"collection":[{"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/comments?post=1118"}],"version-history":[{"count":1,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/posts\/1118\/revisions"}],"predecessor-version":[{"id":1119,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/posts\/1118\/revisions\/1119"}],"wp:attachment":[{"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/media?parent=1118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/categories?post=1118"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.honobono-life.info\/wpeng\/wp-json\/wp\/v2\/tags?post=1118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}