Ruby on Rails Tuesday, June 30, 2015

Manage privilege at the model level...

On Tuesday, June 30, 2015 at 1:58:38 PM UTC-4, Jason Hsu, Ruby on High Speed Rails wrote:
The code in question works, but Rails Best Practices docks me with a scope access warning.  The code in question is:

  def show
    # NOTE: rails_best practices recommends using scope access
    redirect_to(root_path) unless current_user == User.find(params[:id])
    @user = User.find(params[:id])
  end

How can I get this code to comply with the scope access standard?

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/1416593c-4e23-4af2-a043-b5f966f95971%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment