I am relatively new to this and completely lost.  I'm trying to make a
user's profile page.  If the user is an admin, they can see all the
users, as well as access and edit/update each user's profile page.

I finally got it to work...but when I logged in as a user I received
several errors which can be noted in the accompanying jpgs.

The first jpg is the url that I am assuming the user will go to for
their profile page.

The second jpg (User-Index) is the error I get when I try to access the
index page as a non-admin.

The third jpg (User-Edit) is the error I get when I try to access the
Edit page for a user account as a non-admin.

The project can be found at:  https://github.com/GBressler/esl-site

Any help that could be proved on these issues would be greatly
appreciated.

Here is my Users Controller:

class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]

  def index
    if current_user.id == 1
      @users = User.all
    else
      render 'profile_page'
    end
  end

  def show
    render 'profile_page'
    authorize! :show, @user
    @user = User.find(params[:id])
    current_user.first_name
  end

  def update
  end

  def edit
    authorize! :edit, @user
  end

  def destroy
  end

  private

    def set_user
     @user = User.find(params[:id])
    end


  def user_params
    params.require(:user).permit(:id, :first_name, :last_name, :email,
:username)
  end
end


Here's the code for my yet-to-be developed Edit and Profile Page:
<h1>hi</h1>

<p><%= @user.username %></p>

Here's the code for the index page that the admin sees:

<h1>Listing users</h1>
<!-- START_HIGHLIGHT -->
<% if notice %>
<p id="notice"><%= notice %></p>
<% end %>
<!-- END_HIGHLIGHT -->

<table>
  <thead>
    <tr>
      <th>Name</th>
      <th>Username</th>
      <th></th>
      <th></th>
    </tr>
  </thead>

  <tbody>
    <% @users.each do |user| %>
      <tr>
        <td><%= user.first_name %></td>
        <td><%= user.username %></td>
        <td><%= link_to 'Show', user %></td>
        <td><%= link_to 'Edit', edit_user_path(user) if can?(:edit,
user)%></td>
        <td><%= link_to 'Destroy', user, method: :delete,
        data: { confirm: 'Are you sure?' } %></td>
      </tr>
    <% end %>
  </tbody>


</table>

Attachments:
http://www.ruby-forum.com/attachment/11128/nonadmin-user-page.jpg
http://www.ruby-forum.com/attachment/11129/User-Index.jpg
http://www.ruby-forum.com/attachment/11130/User-Edit.jpg


-- 
Posted via http://www.ruby-forum.com/.

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/rubyonrails-talk/577c4063b06602f948c7795bce4bf906%40ruby-forum.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to