Activity
Since that user can add access to other users specific to that post, you'll probably want to create a join table between the two and then use CanCanCan to verify if they are the owner or an editor.
Right now you probably have this:
class Post
belongs_to :user
end
class User
has_many :posts
end
And if you refactor so that the users are stored in a join table, you can have multiple users with access to a post:
class Post
has_many :post_users
has_many :users, through: :post_users
end
class PostUser
belongs_to :post
belongs_to :user
end
class User
has_many :post_users
has_many :posts, through: :post_users
end
When you create a post, you'll want to add @post.users << current_user
so that the person who created the post is in the users list.
You can add another action to give access to another user which just accepts a user_id and does something like the following:
def add_user
@user = User.find(params[:user_id])
@post.users << @user
redirect_to @post, notice: "#{@user.name} can now edit the post"
end
Then you can simply use CanCanCan to check if the user is in the users array for a post. If they are they can manage the post; if they aren't they can't manage the post.
Does that make sense for what you want?
Posted in video about sortable lists
Oh that's a good point. It's not formatted properly for strong_params, so you'd have trouble with it accepting things. I'll definitely plan on covering an update to that to how to do it formatted a little more standardized for strong_params.
In the meantime, you should be able to change your require & permit to just this:
def order_params
params.permit(section: [])
end
Note that you'll only want to use this on the sort action and not the rest of the regular crud actions.
Maybe they aren't using something as friendly as Ruby on Rails. ;-)
Exactly! Devise uses a "reset_password_token" that gets sent over email to you. When you click the link, the token is in the url and then gets put in the new password form. When you submit the form, it looks up your user by that token and then updates your password and signs you in.
Posted in Token Auth API with Devise
<3
Posted in Token Auth API with Devise
Here's a first episode on the topic! :) https://gorails.com/episodes/api-tokens-with-devise-token-authenticatable
API tokens in Redis would be useful for accessing them very quickly without hitting the database. Performance would be the primary reason here and you could also have them autoexpire using the built in Redis expiration functionality
Paste a Github gist of your code and the HTML it generates and I'll take a look for ya!
Check out the gem documentation for some more info on I18n https://github.com/basecamp...
Oh I bet that's the case. I would guess that the jquery-ujs script listens to the form's submit event and since you aren't firing it, it won't happen.
It seems you could probably call the jquery-ujs methods to disable the elements in your callback. https://github.com/rails/jq...
It looks like when I change it to type="button" the form does not submit which means the JS won't fire either.
Hmm. I've got this on the login page here on GoRails:
<button class="btn btn-success btn-lg btn-block" data-disable-with="<i class='fa fa-spinner fa-spin'></i> Signing in..." name="button" type="submit">Sign in</button>
Only other thing I can think of is maybe your jquery-ujs isn't being loaded successfully and so it never gets triggered on click.
You won't use it with <input> at all because neither <input type="submit"> nor <input type="button"> allow for HTML inside of it. You'll have to use the <button></button> tag to use this.
I'm super happy to hear that! :) Let me know if you've got any other topics you'd like me to explain!
Glad you got it working! The config/secrets.yml
works very similarly to your config/database.yml
and it's the file that you can store environment variables in with Rails 4.1+. You can create it on the server manually and have Capistrano symlink it just like database.yml or you can store a copy in your git repo which might be easier.
Awesome, making progress! :)
I think you might want to check your passenger_ruby
line in nginx.conf
to make sure it points to the right version.
You may actually need to do this from the postgres
user because it may be the only one that has admin permissions to do that. They set up their security permissions by default pretty well.
Check out this document https://help.ubuntu.com/community/PostgreSQL#Create_database
They mention:
sudo -u postgres createdb mydb
I can't remember what I used to create my pg database last time, but that looks about right.
Posted in Capistrano deployment errors
That would do it. Subtle but important! :)
Ah yeah, you need to run that in one of the releases directories (as long as your Rails code is in there). If there aren't any, you can create the database manually with the postgres command prompt.
That command they suggest there is incorrect if the database doesn't exist. You can ssh into your server and run the following command to create your db, then your deploy should be able to run the migrations.
RAILS_ENV=production bundle exec rake db:create
Is your database.yml
created manually on the server or is it in your git repository?