Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SI - Module5

SI - Module5

Luís Ferreira

July 22, 2016
Tweet

More Decks by Luís Ferreira

Other Decks in Programming

Transcript

  1. app/models/user.rb class User < ActiveRecord::Base USER_ROLES = [“regular”, “admin”] private_constant

    :USER_ROLES validates_inclusion_of :role, in: USER_ROLES def admin? role == "admin" end end
  2. app/models/role.rb class Role < ActiveRecord::Base USER_ROLES = %w(regular admin) private_constant

    :USER_ROLES validates_presence_of :name validates_inclusion_of :name, in: USER_ROLES end
  3. app/models/ability.rb class Ability include CanCan::Ability def initialize(user) @user = user

    if user public_send user.role else guest end end def guest can [:show, :update], Invite end ... ... def registered can :read, :all can :manage, Book do |book| book.team_id == @user.team.id end end def admin can :manage, :all end end
  4. app/controllers/restaurants_controller.rb def update @restaurant = Restaurant.find(params[:id]) authorize @restaurant if @restaurant.update(restaurant_params)

    redirect_to restaurants_path else render :edit end end app/policies/restaurant_policy.rb class RestaurantPolicy < ApplicationPolicy def update? user.admin? end end
  5. AJAX allows you to make requests to the server without

    reloading the page and receive and work with data from the server “
  6. <%= link_to "Click me", restaurants_path, remote: true %> Your request

    is now done via AJAX The request uses the JS format, and you have to handle it on the server