5

So I've used the logic in the "authentication from scratch" railscast at http://railscasts.com/episodes/250-authentication-from-scratch and it seems to work and I can stick a "You are logged in as..." message at the top of the page.

But if I want to do something like log who submitted a post I've hit a bit of a wall.

I don't want to submit it through a hidden field in the new post form, because I guess there are security issues with that.

I don't want to use the "belongs to" logic in the rails tutorial at http://ruby.railstutorial.org/ruby-on-rails-tutorial-book because although it would technically work here, I might in the future need to log who created an entry where the "belongs to" relationship doesn't exist.

What I tried to do was create a "before save" function call in my post model that assigns a "created_by" value, but I guess models can't access the current_user that was created as per the authentication railscast.

So now I've got no idea how to do something like this.

EDIT: New to Ruby, new to ERD, all that, but what I mean by the belongs to relationship doesn't exist is if there were, say, a rating system for posts, each rating would belong to a post. But I'd also want to log who submitted each rating.

user1299656
  • 630
  • 1
  • 9
  • 15
  • Can you expand on this statement? "I might in the future need to log who created an entry where the "belongs to" relationship doesn't exist." – James Mar 29 '12 at 02:38
  • http://stackoverflow.com/questions/1568218/access-to-current-user-from-within-a-model-in-ruby-on-rails http://stackoverflow.com/questions/2513383/access-current-user-in-model – Nash Bridges Mar 29 '12 at 06:08

3 Answers3

7

If I understand well the problem you have is the fact you can't see which user is currently loggen using current_user helper method in your model, you can just set the created_by attribute of the post in the Post controller before to save it, something like:

def create
  @post = Post.new(params[:post])
  @post.created_by = current_user.id
  if @post.save
    redirect_to whereyouwant_url, :notice => "Post successfully created"
  else
    render "new"
  end
end
Aldo 'xoen' Giambelluca
  • 12,075
  • 7
  • 33
  • 39
  • Thanks, I suspected something like this should be possible, maybe even seen an example of it before, but Rails is a bit overwhelming so far. Pretty sure this is exactly what I need. – user1299656 Mar 29 '12 at 14:01
  • during update, we need to pass this same? bcoz i am getting the created_by removed while update.. :( – ramamoorthy_villi Oct 17 '15 at 06:35
0

(alternative to Aldo 'xoen' Giambelluca answer)

I think you should use a belongs_to relationship as explained by loosecannon, but if you really don't want, add the following method in your User class:

def new_post(params)
  post = Post.new(params)
  post.created_by = id 
  post
end

and in your controller:

def create
  @post = current_user.new_post(params[:post])
  if @post.save
    redirect_to @post, notice: 'Post successfully created'
  else
    render 'new'
  end
end
Tony - Currentuser.io
  • 1,477
  • 2
  • 10
  • 7
0

Ok, not sure what complications exist, but here goes:

so addind a belongs_to makes the post have a field called user_id that is a foreign key for the user's id. if you added a created by, this would do the same thing, except you would have to program the updating and derefreneces yourself. I think that this is probably the best way to get this functionality, and you would just have to add it later to the parts that don't have it, but rails makes it easy. 

class User < ActiveRecord::Base
  has_many :posts
end

class Post < ActiveRecord::Base
  belongs_to :user, :as => :created_by
end



post.created_by
user.posts

would give you access to that user, and is this is equivalent to using what you talked about, except rails would do its magic and add methods for you.

EDIT: if this doesn't work for you, sorry your question wasn't clear on why you needed certain things, but you can always add belongs to relationship pretty easy, thats what I would recommend.

loosecannon
  • 7,683
  • 3
  • 32
  • 43
  • Technically this would work, and I haven't had any problems with it. My concern is that if I need more than one foreign key in other areas this will be a problem. If I had post ratings, for instance, I would need each rating to belong to a post but I would also want a log of who submitted each one. Is it possible to have more than one "belongs to" relationship and fill both foreign keys this way? – user1299656 Mar 29 '12 at 14:05
  • from what i understand, yes that would work. I have models with 4 belongs to and 2 has_manys, you just add more columns, post_id, submitter_id, rating_id, etc – loosecannon Apr 13 '12 at 17:39