Last active December 12, 2019 14:53
model user_id owner check
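```ruby
class ApplicationController < ActionController::Base
  # Responds 403 unless the signed-in user owns the record.
  # Also denies when nobody is signed in, so a nil current_user cannot raise.
  def is_owner(user_id)
    unless current_user && user_id == current_user.id
      render json: nil, status: :forbidden
      return
    end
  end

  # Responds 404 when the record or its owner is missing,
  # otherwise falls through to the ownership check.
  def is_owner_object(data)
    if data.nil? || data.user_id.nil?
      head :not_found
    else
      is_owner data.user_id
    end
  end
end
```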
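```ruby
class ArticlesController < ApplicationController
  # :edit is included so current_user is set before the ownership check runs.
  before_action :authenticate_user!, only: [:new, :edit, :update, :destroy]
  before_action :set_article, only: [:show, :edit, :update, :destroy]
  # A render or head inside this block halts the callback chain,
  # so the action never runs for a non-owner.
  before_action only: [:edit, :update, :destroy] do
    is_owner_object @article
  end
end
```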