How to prevent direct URL typing in Rails

Trigger

Even if I made a conditional branch in the view file, I noticed that if it was hit directly from the Url, it would jump to the page.

Conclusion

Use before_action on any controller to create a conditional branch before taking an action.

code

`ruby:items.controller.rb`


class ItemsController < ApplicationController
  #before_Use action to make a conditional branch before jumping to the controller's action
  before_action :correct_user, only: [:edit]
  before_action :item_find, only: [:show, :edit, :update, :destroy]
  
  def edit
  end

  private

  def item_params
    params.require(:item).permit(:title, :explain, :category_id, :condition_id, :price, :delivery_fee_id, :prefecture_id, :delivery_date_id, :image).merge(user_id: current_user.id)
  end
# before_Users are selected by the method with action
  def correct_user
    @item = Item.find(params[:id])
    if user_signed_in? && @item.user == current_user
      render :edit
    else 
      redirect_to root_path
    end
  end

Supplement

If you hit the Url directly, you will always be asked to disclose the page to the controller via routing, so you need to describe it in the controller. I was able to reconfirm the flow of MVC once again.

Recommended Posts

How to prevent direct URL typing in Rails

[Rails] How to write in Japanese

[Rails] How to prevent screen transition

How to introduce jQuery in Rails 6

How to install Swiper in Rails

How to implement search functionality in Rails

How to change app name in rails

How to use custom helpers in rails

How to use MySQL in Rails tutorial

[rails] How to configure routing in resources

How to implement ranking functionality in Rails

How to use credentials.yml.enc introduced in Rails 5.2

How to prevent past dates from being entered in Rails forms

Convert to a tag to URL string in Rails

How to write Rails

[Rails] How to use select boxes in Ransack

How to translate Rails into Japanese in general

How to uninstall Rails

How to separate .scss by controller in Rails

How to conditionally add html.erb class in Rails

How to implement a like feature in Rails

How to easily create a pull-down in Rails

How to use JQuery in js.erb of Rails6

[Ruby on Rails] How to install Bootstrap in Rails

How to make a follow function in Rails

[Rails] How to use PostgreSQL in Vagrant environment

How to check Rails commands in the terminal

How to set the display time to Japan time in Rails

How to implement guest login in 5 minutes in rails portfolio

How to implement a like feature in Ajax in Rails

[Ruby on Rails] How to write enum in Japanese

[Ruby On Rails] How to reset DB in Heroku

[How to insert a video in haml with Rails]

[Rails] How to deal with URL changes after render

How to write a date comparison search in Rails

How to query Array in jsonb with Rails + postgres

[Rails 6] How to set a background image in Rails [CSS]

[Rails] How to load JavaScript in a specific view

[Rails] How to display an image in the view

[rails] How to post images

[Rails] How to use enum

[Rails] How to install devise

[Rails] How to use enum

How to read rails routes

How to use rails join

How to terminate rails server

How to write Rails validation

How to write Rails seed

[Rails] How to use validation

[Rails] How to disable turbolinks

[Rails] How to use authenticate_user!

[Rails] How to use "kaminari"

[Rails] How to implement scraping

[Rails] How to make seed

How to write Rails routing

[Rails] How to install simple_calendar

[Rails] How to install reCAPTCHA

[Rails] How to use Scope

[Rails] How to define macros in Rspec and standardize processing

Prevent operations! How to securely update Rails manually using transactions

How to deploy jQuery in your Rails app using Webpacker