我如何只允许创建类别的用户在rails中编辑它

Question

I have two tables bookmarks and categories . These models have a HABTM relationship.

Everything works as it should but I only want to allow users who created a category to be able to edit them. I have this set up on the bookmarks okay but is there a way to do it using the relationship between bookmarks and categories or do I just set it up the same way as bookmarks ? which is having a user_id in the categories table.

Answer 1

Assuming you have 2 join tables:

user.rb

has_many :categories, :through => :user_categories

category.rb

has_many :users, :through => :user_categories
has_many :bookmarks, :through => :bookmark_categories

def is_editable_by?(user)
  user.category.include? self
end

bookmark.rb

has_many :categories, :through => :bookmark_categories
has_many :users, :through => :categories

your_view.html.erb

if category.is_editable_by? current_user
  <%= link_to "edit", edit_category_path, category %>
end

Answer 2

If the intention is

a) only the user who created the bookmark can edit them

Then we need to have a separate column user_id in bookmark model to store the creator of the bookmark and allow access similar to category .

b) the user who created the category can edit any bookmarks under that category, then we can just use the associated to get the users with permissions.

bookmark.rb

Class BookMark < ActiveRecord::Base
   has_many :categories, :through => :bookmark_categories
   has_many :users, :through => :categories
end

and we can just say bookmark.users.include?(current_user) then allow edit only if this condition satisfies.