Privacy settings validation problem

myowntribe · September 26, 2007, 5:51pm

Hi

I am trying to give privacy settings to my users, I created a
privacy_settings table and model with the following fields:
id
user_id
setting

where setting has three options: public, private and friends and the
user can select an option.

if the user selects, say for example private, then any other user cannot
view his profile.

Another expert helped me with the below methods to accomplish this,
still inspite of the perfectly seeming logic, the validation is not
working and the access is being given to users irrespective of what the
privacy settings of the user are…

class UserController
before_filter :verify_privacy, :only => :show

(…actions code…)

private
def verify_privacy
  @user = User.find(params[:id], :include => :privacy_setting)
  return true if @user.privacy_setting.setting = "public"
 return false if @user.privacy_setting.setting = "private"
 if @user.privacy_setting.setting = "friends" and

!@user.is_friends_with?(current_user)
return false
end
end

class User
has_one :privacy_setting
has_many :friendships
has_many :friends, :through => :friendships #or however you solved
that

def is_friends_with?(user)
friends.find(user.id)
end

end

Could anyone please guide me on this issue…

Cheers

Cass

myowntribe · September 26, 2007, 10:42pm

On 9/26/07, Cass A. [email protected] wrote:

user can select an option.
class UserController
before_filter :verify_privacy, :only => :show

(…actions code…)
private
def verify_privacy
  @user = User.find(params[:id], :include => :privacy_setting)
  return true if @user.privacy_setting.setting = "public"

This is always true, since you’re doing assignment instead of
comparison. You want ==, not =. The rest of the code will never be
run.

 return false if @user.privacy_setting.setting = "private"
 if @user.privacy_setting.setting = "friends" and
!@user.is_friends_with?(current_user)
return false
end
end

This code is messy. I would suggest pulling this logic into a model
method and creating some proper unit tests. You have many branches
here, so you need to do some testing. For instance, what does this
code do if privacy_setting is blank? Is that what you intend it to do?

myowntribe · September 30, 2007, 11:53pm

Hii Cass A.,

I am Swathi Mamadgi, graduate student from Arizona State Universitry.

I am working on a web application using ruby on rails. I need to set
privacy settings for my application, the same way you have done
public,private and friends.

I have seen your code in the forum and the logic seems right. Can u
please guide me on where i can find commands on this regard…any
weblinks or books which throws light on privacy settings??

It will really help me a lot to build my application.

Thanks a ton,
Swathi.

On Sep 26, 8:51 am, Cass A. [email protected]