Okay so the goal of this question is for me to figure out how I can display components on a view depending on the Users attributes stored in my database. I'm new to rails so figuring out how to work with data will help me better grasp the framework.
NOTE: I'm using Devise for user auth and SQlite3 for my database.
Here's the example that I'm trying to figure out: I have a table "Users" that contains each users info including an element "rank". Depending on the users rank (if rank >= 2) I would like to display a button for the user to go to a new view. Once on that view I would like to verify the users rank again (for security purposes).
Please let me know if you would like me to edit/add anything to my question to better help you in determining a solution. Thank you all ahead of time!
Schema.rb
ActiveRecord::Schema.define(version: 2020_01_04_235503) do
create_table "users", force: :cascade do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.datetime "created_at", precision: 6, null: false
t.datetime "updated_at", precision: 6, null: false
t.string "userid"
t.string "companyid"
t.string "properties"
t.string "rank"
t.string "firstname"
t.string "lastname"
t.string "username"
t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
t.index ["email"], name: "index_users_on_email", unique: true
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
t.index ["username"], name: "index_users_on_username", unique: true
end
end
<!DOCTYPE html>
<html>
<head>
<title>Berwald | Dashboard</title>
<%= csrf_meta_tags %>
<%= csp_meta_tag %>
<%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
<%= javascript_pack_tag 'application', 'data-turbolinks-track': 'reload' %>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
</head>
<body>
<nav class="navbar navbar-dark bg-dark">
<div class="navbar-nav mr-auto">
<img src="https://berwald.s3.us-east-2.amazonaws.com/images/berwald_logo.png" class="nav-logo">
</div>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle nav-dropdown" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
Account
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown">
<a class="dropdown-item nav-dropdown-button" href="">Settings</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item"><%= link_to 'Sign out', destroy_user_session_path, :method => :delete, class: "nav-dropdown-button" %></a>
</div>
</li>
</nav>
<div class="card" style="width: 18rem;">
<img src="..." class="card-img-top" alt="...">
<div class="card-body">
<h5 class="card-title">Create New Property</h5>
<p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
<a href="#" class="btn btn-primary">Add</a>
</div>
</div>
<div class="card" style="width: 18rem;">
<img src="..." class="card-img-top" alt="...">
<div class="card-body">
<h5 class="card-title">Manage Users</h5>
<p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
<a href="#" class="btn btn-primary">Go</a>
</div>
</div>
<script src="https://code.jquery.com/jquery-3.4.1.slim.min.js" integrity="sha384-J6qa4849blE2+poT4WnyKhv5vZF5SrPo0iEjwBvKU7imGFAV0wwj1yYfoRSJoZ+n" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js" integrity="sha384-Q6E9RHvbIyZFJoft+2mJbHaEWldlvI9IOYy5n3zV9zzTtmI3UksdQRVvoxMfooAo" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script>
</body>
</html>
Assuming you're using ERB, the code to enable or disable a link by user would be...
<% if current_user.rank >= 2 %>
<%= link_to customers_path %>
<% end %>
In the CustomersController you could do
class CustomersController < ApplicationController
before_action :check_user_rank, only: :index
def index
# show index of customers
end
private
def check_user_rank
if current_user.rank < 2
flash[:error] = 'You are not allowed to do this action'
redirect_back(fallback: root_path)
end
end
end