Listing & Editing Profile Pages -

11155 · October 9, 2015, 12:20am

I am relatively new to this and completely lost. I'm trying to make a user's profile page. If the user is an admin, they can see all the users, as well as access and edit/update each user's profile page.

I finally got it to work...but when I logged in as a user I received several errors which can be noted in the accompanying jpgs.

The first jpg is the url that I am assuming the user will go to for their profile page.

The second jpg (User-Index) is the error I get when I try to access the index page as a non-admin.

The third jpg (User-Edit) is the error I get when I try to access the Edit page for a user account as a non-admin.

The project can be found at: GitHub - GBressler/esl-site

Any help that could be proved on these issues would be greatly appreciated.

Here is my Users Controller:

class UsersController < ApplicationController before_action :set_user, only: [:show, :edit, :update, :destroy]

def index if current_user.id == 1 @users = User.all else render 'profile_page' end end

def show render 'profile_page' authorize! :show, @user @user = User.find(params[:id]) current_user.first_name end

def update end

def edit authorize! :edit, @user end

def destroy end

private

def set_user @user = User.find(params[:id]) end

def user_params params.require(:user).permit(:id, :first_name, :last_name, :email, :username) end end

Here's the code for my yet-to-be developed Edit and Profile Page: <h1>hi</h1>

Here's the code for the index page that the admin sees:

<h1>Listing users</h1>  <% if notice %> <p id="notice"><%= notice %></p> <% end %>

<table> <thead> <tr> <th>Name</th> <th>Username</th> <th></th> <th></th> </tr> </thead>

</table>

Attachments: http://www.ruby-forum.com/attachment/11128/nonadmin-user-page.jpg http://www.ruby-forum.com/attachment/11129/User-Index.jpg http://www.ruby-forum.com/attachment/11130/User-Edit.jpg

Colin_Law · October 9, 2015, 7:41am

I am relatively new to this and completely lost. I'm trying to make a user's profile page. If the user is an admin, they can see all the users, as well as access and edit/update each user's profile page.

I finally got it to work...but when I logged in as a user I received several errors which can be noted in the accompanying jpgs.

Please don't post images, copy/paste the error here from the server terminal window (which is often more informative than the browser display).

The first jpg is the url that I am assuming the user will go to for their profile page.

Where did you get that code for application_controller? It is not correct. Go back to wherever you got it from and check it carefully. I imagine PRESENT? should be present?

The second jpg (User-Index) is the error I get when I try to access the index page as a non-admin.

As the error says, @user is nil.

The third jpg (User-Edit) is the error I get when I try to access the Edit page for a user account as a non-admin.

This is the same error as the first one.

Colin

11155 · October 10, 2015, 3:39am

Ruby is case-sensitive. In your first jpeg, change the `PRESENT?` method to `present?` (on line 16 of your UsersController file)

Your second jpeg is showing that you haven't initialized your @user object in the index action. You can initialize it in the UsersController file, in the `index` method.

In your last jpeg, the error is the same error as the first jpeg.

11155 · October 10, 2015, 10:16pm

Thanks, Christian. you've given me some things to consider, but Present? is only in the error message, not in my code. Things seem to work a little better if I comment out the authorize! line in my show and edit methods, but then the sign out seems to break as well as the dynamic elements of my profile page (including the admin pages). I am not sure how to proceed.

11155 · October 11, 2015, 12:59am

My error was that I overlooked adding authorization for User in my CanCan ability.rb file. It fixes most of my errors, but still leaves my with the problem of not being able to sign out or having the dynamic elements of my html.erb pages work.

Colin_Law · October 11, 2015, 7:47am

Have a look at line 16 in

github.com

GBressler/esl-site/blob/master/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  before_filter :set_locale
 


  before_filter :configure_permitted_parameters, if: :devise_controller?
  
  rescue_from CanCan::AccessDenied do |exception|
    if current_user.nil?
      session[:next] = request.fullpath
      redirect_to login_url, :alert => "Please login to continue."
    else
      if request.env["HTTP_REFERER"].PRESENT?
        redirect_to :back, :alert => exception.message
      else
        render :file => "#{Rails.root}/public/403.html", :status => 403, :layout => false
      end

This file has been truncated. show original

Colin

Topic		Replies	Views
Unknown action No action responded to show rubyonrails-talk	4	200	November 4, 2008
Having trouble with CanCan rubyonrails-talk	1	141	December 1, 2010
"Edit my Profile" feature rubyonrails-talk	0	77	September 9, 2006
help with a daft question....:-) rubyonrails-talk	3	176	June 7, 2010
Routing errors in production, RoR 1.2+ rubyonrails-talk	4	102	April 5, 2007

Listing & Editing Profile Pages -

Related topics

More Resources