-
Notifications
You must be signed in to change notification settings - Fork 276
Use scope access
Richard Huang edited this page Aug 15, 2010
·
3 revisions
Please go to: http://rails-bestpractices.com/posts/3-use-scope-access
Before:
class PostsController < ApplicationController
def edit
@post = Post.find(params[:id])
if @post.user != current_user
flash[:warning] = 'Access denied'
redirect_to posts_url
end
end
end
After:
class PostsController < ApplicationController
def edit
# raise RecordNotFound exception (404 error) if not found
@post = current_user.posts.find(params[:id])
end
end