Newbie question - limiting record view

I’m new to rails and I’m having problems figuring out how to limit the
ability to for 1 user to see the records that another user creates. I
have Users and Children and I want to make it so a User with user_id
of 1 who creates children_id of 8,9 can only see children 8,9. I also
want to make it so User_id 2 cannot see user_id 1 or children 8 and 9.
I am using restful_authentication.

The simplest thing to do is create a relationship between the record
and the user. If you object/record was product then:

class Product
belongs_to :user

class User
has_many :products

then in your Product controller always access products via the user:

def index

def new

def create[:products])



One thing. I looked at the example you send and was wondering if this
will prevent other users from viewing the products created by other
users? That is what I am trying to do. I will test you code ASAP.

To clarify…

def create[:products])

should have been

def create[:products])
… # etc


WOW! Thanks for the quick reply. I have created the relationship and I
will change my controllers to reflect your suggestion. Thanks a bunch
for the help.

Yes it will, just use the scope when finding a record. Continuing from
my previous example:

def show
@product = current_user.products.find(params[:id])

Sent from my iPhone

Thanks so much for the help. This worked perfectly. Sorry for the late

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs