Skip to content

Use scope access

Jump to bottom Edit New page
Richard Huang edited this page Aug 15, 2010 · 3 revisions

Please go to: http://rails-bestpractices.com/posts/3-use-scope-access

Before:


class PostsController < ApplicationController

  def edit
    @post = Post.find(params[:id])

    if @post.user != current_user
      flash[:warning] = 'Access denied'
      redirect_to posts_url
    end
  end

end

After:


class PostsController < ApplicationController

  def edit
    # raise RecordNotFound exception (404 error) if not found
    @post = current_user.posts.find(params[:id])
  end

end
Add a custom footer
Add a custom sidebar
Clone this wiki locally