How to pass Devise's current_user as user_id?

You should add to articles_controller's "def new" this line @ask. User_id = current_user.id.

Up vote 1 down vote favorite share g+ share fb share tw.

I'm practicing my Ruby on Rails by creating a simple application where users can sign up (using Devise) and post articles. After installing Devise, I go ahead and generate a scaffold for the articles rails g scaffold article title:string article:text user_id:integer Then I create the Devise user controller rails generate devise User My article controller: class Article in _form.html. Erb, and def create @article.

User_id = current_user. Id ... end to my article controller. This is successfully passing the current_user.

Id as the article's user_id perfectly. Ruby-on-rails devise link|improve this question edited Dec 12 '11 at 10:45 asked Dec 12 '11 at 9:41cdotfeli7215 88% accept rate.

Please be more specific. You make little sense. – clyfe Dec 12 '11 at 9:45 I thought I explained it as well as I could.. but ok, TL;dr --> the articles table has 3 fields (title, article, and user_id).

I'm asking how user_id in the create form can = current_user. Id from Devise. – cdotfeli Dec 12 '11 at 10:30.

Now my question is: how do you make it so that user_id in http://localhost:3000/articles/new/ is automatically current_user. Id? You should add to articles_controller's "def new" this line @ask.

User_id = current_user. Id so then form_for @ask asks for the user_id property of @ask and displays it. But I do not recommend doing this in a real-world app, where you probably would handle this step in "def create" of `articles_controller `Also, in http://localhost:3000/articles/ the user should only be able to view the articles associated with their user_id, not anyone elses.

What changes to the articles controller should I make to do this? Inside articles_controller's def index, change to @articles = Article. Where(user_id:current_user.

Id). Note that you should also add a before_filter :require_user to make sure that current_user is not nil.

Thanks. I think I figured it out. I put in _form.html.

Erb and @article. User_id = current_user. Id under article_controller's 'def create' this is passing the current_user.

Id as the article's user_id perfectly. Your second solution makes sense; I'll give that a shot now. – cdotfeli Dec 12 '11 at 10:43 @cdotfeli Setting the user_id in the form and not checking it afterwards means that you can impersonate any user of your site by doing a manual POST request.

– Benoit Garret Dec 12 '11 at 10:49 @P.S.V.R. Your second solution worked! Thanks a whole bunch. I'll go add that before_filter :require_user now.

– cdotfeli Dec 12 '11 at 10:51 @BenoitGarret so I SHOULDN'T pass the user_id as a hidden field in the form? What should I do instead? Sorry I'm new at this.

– cdotfeli Dec 12 '11 at 10:53 @cdotfeli Sorry, I misread your solution. You're not actually using the hidden_form tag in your controller (you would have if you used params:article:user_id). @article.

User_id = current_user. Id is perfect, but you don't need anything else. – Benoit Garret Dec 12 '11 at 10:57.

In your ArticleController#new action add the following line: @article = current_user.articles. Build As for your index action: @articles = current_user.articles.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.