"show" action - restrict manual url change from user to view

This is "show" action in my "category controller".

   #---- Show ---
  def show
    # @category=Category.find(params[:category_id])
     @category=Category.find(params[:category_id])
  end

"show" action - restrict manual url change from user to view the
inactive records. "
Active/inactive are set via status column in category table.
where status='A'

since the url shows up in the url bar, the user can simply type in a
different category_id and view the record, even if status = 'I'
but, i don't want the user to modify the url and view the category where
status <> 'A'
In short, the users get to view only status='A'

How do i do this for show action? (since this accepts a param)
I made the change for list action and list is working fine and shows
only where status='A'. List doesn't accept any params such as
"category_id" so it was ok.

but this show accepts a param which is category_id.

let me know how i could get the result of showing only actives and none
other statuses, directly from the url or via show action.

thanks,
radha.

(i have tried by best to communicate.. but let me know if any is not
clear. i will re-iterate)

thanks

This is "show" action in my "category controller".

#---- Show ---
def show
# @category=Category.find(params[:category_id])
@category=Category.find(params[:category_id])
end

"show" action - restrict manual url change from user to view the
inactive records. "
Active/inactive are set via status column in category table.
where status='A'

since the url shows up in the url bar, the user can simply type in a
different category_id and view the record, even if status = 'I'
but, i don't want the user to modify the url and view the category where
status <> 'A'
In short, the users get to view only status='A'

How do i do this for show action? (since this accepts a param)
I made the change for list action and list is working fine and shows
only where status='A'. List doesn't accept any params such as
"category_id" so it was ok.

but this show accepts a param which is category_id.

let me know how i could get the result of showing only actives and none
other statuses, directly from the url or via show action.

Add a condition to the find call so that it only finds active
categories. If the id does not match a valid category then it will
return nil.

Colin

If you're doing this a lot, you should add it as a scope to the
Category model:

class Category < ActiveRecord::Base
  named_scope :active, :conditions => { :status => 'A' }
end

Then your controller action could be:

def show
  @category = Category.active.find(params[:category_id])
end

which will throw a RecordNotFound if the supplied ID isn't also
active.

BTW, the use of :category_id in the above sample is odd - if you're in
CategoriesController and have the standard routing, (/categories/:id)
the parameter will be named :id. :category_id would be used if, for
instance, you had a nested route to a Post model:

/categories/:category_id/posts
/categories/:category_id/posts/new

etc.

--Matt Jones

Thanks Matt.

I see a lot of named_scope question.
I have just started with rails and have created a few paages manually
without scaffolding, but producing the same results.
That is where i stand with rails.

I am not clear on the named_scope.
Sorry for this silly question.
What is this named_scope. You have provided a very good example, but
still..
I'm sure all gurus are aware of it, i see it recommended by several ppl.

thanks in advance.

radha

Matt Jones wrote:

Try googling for named_scope. It will provide many useful links.
Did you not think of that yourself? Google is generally much quicker
than waiting for a response on the list ( 5 seconds vs 7 hours in this
case).

Colin

Of course, i google and get into tutorials and books on rails.
This one i just to want to get some inputs from experts as i am in my
learning curve to get into rails.

thanks again for all ur help in this forum. It helps who are in the
learning curve.

thanks,

thanks again,
radha.

Colin Law wrote: