thank you

There's this setting (in "config/environments/test.rb" for test env):

config.action_controller.allow_forgery_protection = false (default for test env)

Hello,

I've read the rails introduction and followed the examples. It was quite understandable. But the form validation didn't work as expected.

My form begins with

<%= form_with(model: @article) do |form| %>

  <% if @article.errors.any? %>

...

and in the class is the validation rule:

validates :title, length: { minimum: 5 }

...

part of the controller:

def update

@article = Article.find(params[:id])

if @article.update(article_params)

redirect_to @article

else

render :edit

end

end

the problem is:

if the title is too short (for example) I can push the update-button but nothing happens. There is no reload of the page at all, no errors are shown. Is the title is long enough, the submit-button works correctly. Do I change the form_with to (scope: :article, ...) then the errors are shown.

I use Rails 5.1.4 

Thx for a response

--

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.

To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.

To post to this group, send email to rubyonrails-talk@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/29836bfe-e8ce-4ecc-a1b1-c36bbbc4e599%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Hi,

On Mon, Jan 29, 2018, at 23:51, Rob Jonson wrote:
>
> however - what concerns me is that the bug triggered an exception in
> production which was not caught in test.
>
> steps to trigger the bug are
>
> 1) create an account
> 2) log out
> 3) sign in
>
> I test this explicitly in an rspec capybara test using chrome with
> javascript enabled.
> In the test, I don't get the exception.
>
> can anyone explain why?
>

There's this setting (in "config/environments/test.rb" for test env):

config.action_controller.allow_forgery_protection = false (default for test env)

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/1517240485.2766764.1251921520.14898AB0%40webmail.messagingengine.com.
For more options, visit https://groups.google.com/d/optout.

A mounta

> On Jan 26, 2018, at 12:36 PM, fugee ohu <fugee279@gmail.com> wrote:
>
>
>
> On Friday, January 26, 2018 at 9:06:47 AM UTC-5, Walter Lee Davis wrote:
>
> > On Jan 25, 2018, at 8:41 PM, fugee ohu <fuge...@gmail.com> wrote:
> >
> > Unless i'm gonna show my ads on their pages what can my user's users do for me in a multi tenant multi user blog in terms of monetizing
>
> The whole point of software as a service is that your users pay you to be on your platform. Ads don't enter into it. You provide a full-featured set of tools for blogging, and they pay you for the convenience of using it. You improve that service over time, and they continue to pay you for it.
>
> One of the features you may provide is a one-click way to add ads to *their* blog, and choose which ads are appropriate for *their* audience. If you write that tool, and make it easy to use (and profitable for *your* users), then they will continue to pay you for the privilege of using your platform. Ideally, you should not be getting any bit of their ad revenue (except some transaction fee, if you manage the money for them). Neither should you be putting your ads (which make sense for you) into their blog (which you have never even seen, so how could you find appropriate ads?).
>
> If you do this right, then your users will make more money in ads (or at least break even) than they pay you for the service (or at least break even). If you have priced your service correctly, then your customers will not feel as though they are being ripped off, and will think that the price they pay for the convenience is worthwhile.
>
> Walter
>
> To get money from users I'd do a different type of site like an auction, marketplace or ecommerce site I don't expect anyone to pay me to use a blogging platform Do tumblr users pay for the service or get it free?

I don't know. It's just that when you start talking about multi-tenant software, my mind goes to other problems that pattern solves, which all tend to be pay-to-use.

If you want to make a Tumblr clone, then you could just add a wrapper layout around all published blogs, and your ads would appear there. Depending on how you structure your layout and templates, that could mean header, footer, skyscrapers, almost anything except inserted within the body of the user's content. And if you control the rendering, I suppose you could even break out their content by major blocks (paragraphs, sections, whatever they use to divide their content) and insert an ad every N of those. Nokogiri is how I would do that.

How invasive you get here has to do with what sort of "free" your users are willing to put up with, I would say. If Tumblr adds a header and footer ad, and doesn't share the revenue, then that's one kind. YouTube lets content creators monetize in various ways, some of which they share with the creators, and some of which they don't, including popover ads and other nastiness that I keep removing with browser plugins. 8-)

If you write the blogging engine yourself, then you have access to all of these parts and can do pretty much whatever you want. If you're trying to coerce a blog-in-a-box gem to do this, then you'll probably have to start by reading all the code to that gem, find out where it gets it layouts and templates and partials from, and start adding those to your parent application one at a time until you find the lever you need. And if you can't get it from there, try raising an issue on that gem's Github project.

Walter

>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/1d83fa66-acbb-413a-b246-735b5564b2a8%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/54205CCA-8743-438A-ABD2-DEBDA0871216%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.

> On Jan 26, 2018, at 12:36 PM, Prince Bansal <er.princebansal@gmail.com> wrote:
>
> Okay. You're not going to be able to access current_user in a model like this. There's just no notion of who is using the app in the Model context. In a controller or view, yes, you can do this (although I would recommend you use CanCanCan or Pundit to abstract the authorization away into its own domain).
>
> - There are two type of users updating this record. One with admin permission and another with area_admin. But in case of area admin I also need to check that record should not be older than 7 days. I am already using pundit for authorization.
>
> You want to think about this from the perspective of can_edit? rather than is_editable?. The former works on a user, which the controller or view would know about. The latter is specific to the instance of the model -- has it had the "publish" checkbox clicked? has an admin approved it? etc.
>
> I suspect you will keep your is_editable? method (without the user-specific stuff) and then add on to that with a can_edit? method that may in fact also invoke the is_editable? method from its target.
>
> - It means I need to remove before_save callback and simply keep is_editable method and invoke it on target object with can_edit? in controller? Right?

That could work. Another way to do this is to loop it into a validation. can_edit? could govern whether the edit button appears in the view, but if you added it to the validations, then it could also keep you from saving a record you shouldn't if you somehow manage to get the form to load (by hacking the path).

Walter

>
> On Friday, January 26, 2018 at 6:36:50 PM UTC+5:30, Prince Bansal wrote:
> Hello Guys,
>
> I faced a situation in Rails that I need current_user method inside model. There is a condition that I do not have any column that is associated
> with current_user in model. I do not want to declare virtual attribute in each activerecord model also do not want to set it in global variable. How can I achieve this?
>
> Your help will be highly appreciated.
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/7c51e795-9593-47d9-a3c6-99b3cc6c8cbc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/471BC3D5-648A-4C22-96B3-E5A9E61DEE25%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.

Okay. You're not going to be able to access current_user in a model like this. There's just no notion of who is using the app in the Model context. In a controller or view, yes, you can do this (although I would recommend you use CanCanCan or Pundit to abstract the authorization away into its own domain).

You want to think about this from the perspective of can_edit? rather than is_editable?. The former works on a user, which the controller or view would know about. The latter is specific to the instance of the model -- has it had the "publish" checkbox clicked? has an admin approved it? etc.

I suspect you will keep your is_editable? method (without the user-specific stuff) and then add on to that with a can_edit? method that may in fact also invoke the is_editable? method from its target.

Walter

> On Jan 26, 2018, at 11:26 AM, Prince Bansal <er.princebansal@gmail.com> wrote:
>
> Here is the code snippet.
>
> class Attendance < ApplicationRecord
>
> ATTENDANCE_EDITABLE_VALIDITY = 7
>
> before_save :is_editable?
>
> belongs_to :attendance_detail
>
> def is_editable?
> errors.add(:attendance, 'modification is not allowed.') if attendance_detail.created_at.present? && (Time.zone.now.to_date - attendance_detail.created_at.to_date).to_i >= ATTENDANCE_EDITABLE_VALIDITY unless current_user.super_admin? || current_user.admin?
> errors.empty?
> end
> end
>
> I have lots of conditional callbacks based on current_user in AR.
> I do not want to move these conditions in controller. As there are lot of other conditions that are user permission specific.
>
>
> On Friday, January 26, 2018 at 6:36:50 PM UTC+5:30, Prince Bansal wrote:
> Hello Guys,
>
> I faced a situation in Rails that I need current_user method inside model. There is a condition that I do not have any column that is associated
> with current_user in model. I do not want to declare virtual attribute in each activerecord model also do not want to set it in global variable. How can I achieve this?
>
> Your help will be highly appreciated.
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/06d886de-2b66-46ac-b71d-7d37981a194a%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/5B816BC0-5A36-4BA7-B695-D0628FDF797E%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.

Devise is written to be model name agnostic. They use the reference name `resource` internally to mean User, Admin, ChiefPoobah, Peasant -- whatever you choose to call your user model. If you're not hacking on Devise, then you may need to look for a similar abstraction in what you are working on. More details would help us help you...

Walter

> On Jan 26, 2018, at 8:20 AM, Rodrigo Urubatan Ferreira Jardim <urubatan@gmail.com> wrote:
>
> Current user is a session concept, are you sure you are doing things in the correct place?
>
> Maybe you are doing something in a active record hook that should be a method called by the controller...
>
>
> Em Sex, 26 de jan de 2018 11:06, Prince Bansal <er.princebansal@gmail.com> escreveu:
> Hello Guys,
>
> I faced a situation in Rails that I need current_user method inside model. There is a condition that I do not have any column that is associated
> with current_user in model. I do not want to declare virtual attribute in each activerecord model also do not want to set it in global variable. How can I achieve this?
>
> Your help will be highly appreciated.
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/0bc3a8c2-8d47-4cea-b6f0-3cedd760a15c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
>
> --
> Rodrigo Urubatan Ferreira Jardim
> urubatan@gmail.com / rodrigo@urubatan.com.br
> http://www.urubatan.com.br
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAEi2OX6ZmGSM_KbKJqZBypN-M22gwTouFgCu8zFoX%3Ds1BbDibw%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/63CE8353-D850-47EF-942C-5131F86B7440%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.

Right. It's even easier for a gem. Just put your templates in the same relative place within your normal rails views or controllers, properly named, and they will "shadow" the version within the gem. In most things in Rails, "nearest wins". Gems insert their code into the Rails lookup path *after* the core application code, not before. So if you add code to the core, it will be found before the gem's code is, and Rails will stop looking at that point.

I just dealt with this last night, when I overrode the Thredded gem to make the breadcrumbs work the way I needed them to. All I had to do was add this folder:

app/views/thredded/shared

and add the _breadcrumbs.html.erb file to that folder, and I had complete control over that one file (without needing to shadow every other part of the gem).

Walter

> On Jan 26, 2018, at 7:10 AM, Mauro Locatelli <crivotz@gmail.com> wrote:
>
> Sorry I've seen now the word 'gems'
> My instructions are to make override of scaffold generator.
>
> Mauro
>
>
> 2018-01-26 13:06 GMT+01:00 Mauro Locatelli <crivotz@gmail.com>:
> Yes, you can
>
> Model
> project_folder/lib/templates/active_record/model/model.rb
>
> Controller
> project_folder/lib/templates/rails/scaffold_controller/controller.rb
>
> Views
> project_folder/lib/templates/erb/scaffold/
>
> All the original file can be founded inside railties folder (bundle show railties)
> You can also add views editing scaffold_generator.rb
>
> Cheers
> Mauro
>
> 2018-01-26 12:52 GMT+01:00 fugee ohu <fugee279@gmail.com>:
> I can override any gem's controllers and views by creating them in my app?
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/51d6633b-81cc-41ef-b548-575feb06f086%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CANnJYrqXiWCGi8yayXi4OCJSRxq_D4m6Er8fzBbPjf7Ak4%2BuVw%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/9B5539DE-AE7E-499C-88F4-7DB7B89B7925%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.