On Tuesday, June 30, 2015 at 6:58:38 PM UTC+1, Jason Hsu, Ruby on High Speed Rails wrote: > The code in question works, but Rails Best Practices docks me with a scope > access warning. The code in question is: > > def show > # NOTE: rails_best practices recommends using scope access > redirect_to(root_path) unless current_user == User.find(params[:id]) > @user = User.find(params[:id]) > end > > How can I get this code to comply with the scope access standard?
I think you've slightly confused it. It's trying to warn you against doing post = Post.find params[:id] if post.user == current_user ... end Because it's better to do current_user.posts.find(params[:id]) Which doesn't apply in your case because it's users you are fetching, not some collection that belongs to a user. I'm not sure why you're bothering with the id parameter at all - why not @user = current_user ? Fred -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/59924f91-bdea-4112-a21b-aadd87724f3d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
