Ruby on Rails

This is my code for my index.html.erb scaffold
as you can see the if else stops a user to "show, edit or destroy" the
entries. However, they can create a new Rota entry by clicking New
Rotum. I can get rid of the admin part in Show, edit, destroy and
everyone will be able to do everything. But I want a user to be able to
only show edit destroy their OWN entry and not everyone elses too
because that is what happens when I authenticate a user to do this?


<h1>Listing rota</h1>

<table id = "tabletest">
<thead>
<tr>
<th>Name</th>
<th>Mobile</th>
<th>Email</th>
<th>Category</th>
<th>Other</th>
<th colspan="3"></th>
</tr>
</thead>

<tbody>
<% @rota.each do |rotum| %>
<tr>
<td><%= rotum.name %></td>
<td><%= rotum.mobile %></td>
<td><%= rotum.email %></td>
<td><%= rotum.category %></td>
<td><%= rotum.other %></td>

<% if current_user.try(:admin?) %>
<td><%= link_to 'Show', rotum %></td>
<td><%= link_to 'Edit', edit_rotum_path(rotum) %></td>
<td><%= link_to 'Destroy', rotum, method: :delete, data: {
confirm: 'Are you sure?' } %></td>
</tr>
<% end %>
<% end %>
</tbody>
</table>

<br>
<% if user_session %>
<%= link_to 'New Rotum', new_rotum_path %>
<% end %>

--
Posted via http://www.ruby-forum.com/.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/a2aa649ac285cd6d2bac5cd2c9dfe0f8%40ruby-forum.com.
For more options, visit https://groups.google.com/d/optout.