Colin Law wrote:
> 2010/1/10 Alberto Lopez <li...@ruby-forum.com>:
>> Leonardo Mateo wrote:
>>> On Sun, Jan 10, 2010 at 11:30 AM, Alberto Lopez <li...@ruby-forum.com>
>>> wrote:
>>>> Hello, How can I do, when a user make a post, he only can edit his
>>>> posts?
>>>>
>>> Check for the owner of the post on the edit action?
>>
>> Exactly, if you have an user on my website an post anything, you will
>> edit or destroy only your posts.
>
> I think that Leonardo meant that in the edit and destroy actions you
> should test that the current user is the owner of the post and not
> allow the action to proceed if not the owner.
>
> Colin
Aaahm.. I think yes. I don't know another way to make it :S (I'm a
little bit novice. I know a little bit Ruby but I get into mess with
some things). I have thought to make a function current_user probing the
user by name and make an if sentence : if post.name == current_user{
edit, destroy }
For example, but I dont know how to make it exactly.. :S (I hear bells
but i dont know where)
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to rubyonrails-t...@googlegroups.com.
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
