delete data from 2 different models

I have this code inside the account controller in the "destroy" method
def destroy
  @account = Account.find(params[:id])
  @portal = Portal.find(:all, :conditions => ['account_id = ?', ])
any ideas?

the error displays this:

NoMethodError in AccountsController#destroy

undefined method `destroy' for #<Array:0x47982a0> app/controllers/
accounts_controller.rb:78:in `destroy'




for portal in @portal

Because when you do Portal.find I think you're getting an array, not a
portal? </random guess>

Thank you!,

Awesome. i was stuck over there,
the answere is so simple.

I love rails.

The better way would be to use :dependent => :destroy in the model.

class Account << ActiveRecord::Base
  has_many :portals, :dependent => :destroy

and in the controller,

def destroy
  @account = Account.find(params[:id])

I believe this will work.

Passing params data directly to find() is a bad habit to get into.

Account.find( :first, :conditions => [ 'id = ?', params[:id] ]
).destroy rescue nil

Hey Greg,

It's not a bad idea if you're passing an id direct into params. I do
believe in this format it's properly sanitized already.

It converts it using the "to_i" function, because it assumes a primary
key lookup. "to_i" will yield to an integer value of 0 when applied to
a string.

There's absolutely no problem with passing a param value directly into
find using this method of find.

If you're passing it in as a condition, however, then yes, use the
question-mark or named-param method which will sanitize it better.


Learn Ruby on Rails! Check out the FREE VIDS (for a limited time)
VIDEO #4 parts a and b now available!

I said it's a bad _habit_ to get into, and it is. The day will come
when you will make a custom route with a fairly liberal regular
expression that will allow an SQL exploit. It's best to just never
develop the habit of trusting params to begin with.

Greg Donald wrote:

  @account = Account.find(params[:id])

Passing params data directly to find() is a bad habit to get into.

Account.find( :first, :conditions => [ 'id = ?', params[:id] ]
).destroy rescue nil

I may be wrong here, but the primary problem seems to be being able to
delete arbitrary accounts (in this case) by passing in the right
parameters. You might want to limit the scope of the delete to the
current user like this:

class ApplicationController < ActionController::Base
  def current_user
    @current_user ||= User.find session[:user_id] if

And in your controller: