Custom current_user devise + Mongoid_问答_开发者

开发者 https://www.devze.com 2023-04-10 14:18 出处：网络

I have devise + a scaffold \"house\" created, and I want that a user only can edite your own house. This is my houses_controller:

I have devise + a scaffold "house" created, and I want that a user only can edite your own house.

This is my houses_controller:

def authenticate_owner!
  @house = house.find(params[:id])
    if user_signed_in? && current_user.email == @house.user.email
      return true
    end
    redirect_to root_path, :notice => "You must have permission to access this category."
      return false
    end

I have too this code in the top houses_controller:

before_filter :authenticate_owne开发者_开发知识库r!
skip_before_filter :authenticate_owner! , :only => [:show, :index, :new]

but not working, always show the message:

"You must have permission to access this category."

how I can get the user who created the scaffold and compare it to the user who is registered?

You need to put an else there.. you probably meant to write:

def authenticate_owner!
  @house = house.find(params[:id])
    if user_signed_in? && current_user.email == @house.user.email
      return true
    else
      redirect_to root_path, :notice => "You must have permission to access this category."
      return false   # this will never be executed!!
    end
end

Fixed :D The problem is @house = house.find(params[:id]), is: @house = House.find(params[:id])