How to prevent direct URL typing in Rails

Trigger

Even if I made a conditional branch in the view file, I noticed that if it was hit directly from the Url, it would jump to the page.

Conclusion

Use before_action on any controller to create a conditional branch before taking an action.

code

ruby:items.controller.rb


class ItemsController < ApplicationController
  #before_Use action to make a conditional branch before jumping to the controller's action
  before_action :correct_user, only: [:edit]
  before_action :item_find, only: [:show, :edit, :update, :destroy]
  
  def edit
  end

  private

  def item_params
    params.require(:item).permit(:title, :explain, :category_id, :condition_id, :price, :delivery_fee_id, :prefecture_id, :delivery_date_id, :image).merge(user_id: current_user.id)
  end
# before_Users are selected by the method with action
  def correct_user
    @item = Item.find(params[:id])
    if user_signed_in? && @item.user == current_user
      render :edit
    else 
      redirect_to root_path
    end
  end

Supplement

If you hit the Url directly, you will always be asked to disclose the page to the controller via routing, so you need to describe it in the controller. I was able to reconfirm the flow of MVC once again.

Recommended Posts

How to prevent direct URL typing in Rails
[Rails] How to write in Japanese
[Rails] How to prevent screen transition
How to introduce jQuery in Rails 6
How to install Swiper in Rails
How to implement search functionality in Rails
How to change app name in rails
How to use custom helpers in rails
How to use MySQL in Rails tutorial
[rails] How to configure routing in resources
How to implement ranking functionality in Rails
How to use credentials.yml.enc introduced in Rails 5.2
How to prevent past dates from being entered in Rails forms
Convert to a tag to URL string in Rails
How to write Rails
[Rails] How to use select boxes in Ransack
How to translate Rails into Japanese in general
How to uninstall Rails
How to separate .scss by controller in Rails
How to conditionally add html.erb class in Rails
How to implement a like feature in Rails
How to easily create a pull-down in Rails
How to use JQuery in js.erb of Rails6
[Ruby on Rails] How to install Bootstrap in Rails
How to make a follow function in Rails
[Rails] How to use PostgreSQL in Vagrant environment
How to check Rails commands in the terminal
How to set the display time to Japan time in Rails
How to implement guest login in 5 minutes in rails portfolio
How to implement a like feature in Ajax in Rails
[Ruby on Rails] How to write enum in Japanese
[Ruby On Rails] How to reset DB in Heroku
[How to insert a video in haml with Rails]
[Rails] How to deal with URL changes after render
How to write a date comparison search in Rails
How to query Array in jsonb with Rails + postgres
[Rails 6] How to set a background image in Rails [CSS]
[Rails] How to load JavaScript in a specific view
[Rails] How to display an image in the view
[rails] How to post images
[Rails] How to use enum
[Rails] How to install devise
[Rails] How to use enum
How to read rails routes
How to use rails join
How to terminate rails server
How to write Rails validation
How to write Rails seed
[Rails] How to use validation
[Rails] How to disable turbolinks
[Rails] How to use authenticate_user!
[Rails] How to use "kaminari"
[Rails] How to implement scraping
[Rails] How to make seed
How to write Rails routing
[Rails] How to install simple_calendar
[Rails] How to install reCAPTCHA
[Rails] How to use Scope
[Rails] How to define macros in Rspec and standardize processing
Prevent operations! How to securely update Rails manually using transactions
How to deploy jQuery in your Rails app using Webpacker