Hi. I have a problem in restful routing. My project is a discussion
forum.
The route is
map.resources :forums do |forum|
forum.resources :topics do |topic|
topic.resources :posts
end
end
Everything in the code I wrote are working good.
An example url for a show action of a forum post would be
http://localhost:3000/forums/3/topics/4/posts/90
Now if i replace 90 by 200, I get the post with id 200 which doesn’t
belong to topic id 4.
How can i prevent this?
Thank you
Thanks a lot. I will try this out now
I would think that the find code in your PostsController is something
like
@post = Post.find(params[:id])
This of course directly gets the Post with the id specified in the URL.
What you can do to get around it is to drilldown from the Forum, Topic
and then Post. Something like this:
@forum = Forum.find(params[:forum_id], :include => { :topics => :posts }
)
@topic = @forum.topics.select { |topic| topic.id ==
params[:topic_id].to_i }.first
@post = @topic.posts.select { |post| post.id == params[:id].to_i }.first
Please note that the code above is not robust as it does not check for
nils.
If @topic were nil for example, the last line to get the post will bomb
out.
/franz
I am not sure if this is correct approach but you could apply the
before filter that could check if given post belongs to given topic
(and the topic belongs to given forum )
On Oct 13, 11:32 am, Rock R. [email protected]