Home>

I am making a bulletin board site with rails6.
Only the logged-in user can edit it, and it is possible to go to the edit page, but when I press the refresh button, the error below occurs.
When I return to the home page after the error, I have to log in again, but when I log in again and look at the user information, it has changed.
By the way, logged-in users can edit posts and delete their own comments.
I get the following error only when I edit the user.
I would appreciate it if you could tell me who knows. Thank you.

code
devise_for: users
  # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
  root to: "homes # index"
  resources: users
  resources: posts do
    resources: comments, only: [: create,: destroy]
    resources: likes, only: [: create,: destroy]
  end
devise: database_authenticatable,: registerable,
         : recoverable,: rememberable,: validatable
  attachment: profile_image
  has_many: posts, dependent:: destroy
  has_many: comments, dependent:: destroy
  has_many: commented_posts, through:: comments, source:: post
  has_many: likes, dependent:: destroy
  has_many: liked_posts, through:: likes, source:: post
  def posts
    return Post.where (user_id: self.id)
  end
  def alread_liked? (post)
    self.likes.exists? (post_id: post.id)
  end
def index
    @users = User.all
  end
  def show
    @user = User.find (params [: id])
  end
  def edit
    @user = User.find (params [: id])
  end
  def update
    @user = User.find (params [: id])
    @ user.update (user_params)
    redirect_to user_path (@user)
  endprivate
  def user_params
    params.require (: user) .permit (: username,: student_id,: email,: password,: profile_image,: profile)
  end
  <% if @ user.id == current_user.id%>              <% = link_to'edit', edit_user_path (@user), class:'loginuser-only-btn'%>          <% end%>
  <% = form_with model: @user do | f |%>              <% = f.label: username,'username', class:'user-edit-label'%>      <% = f.text_field: username, class:'user-edit-field'%>                      <% = f.label: student_id,'student ID number', class:'user-edit-label'%>      <% = f.text_field: student_id, class:'user-edit-field'%>                      <% = f.label: email, class:'user-edit-label'%>      <% = f.email_field: email, class:'user-edit-field'%>                      <% = f.label: password, class:'user-edit-label'%>      <% = f.password_field: password, class:'user-edit-field'%>                      <% = f.label: profile,'profile', class:'user-edit-label'%>      <% = f.text_area: profile, class:'user-edit-field user-edit-area', rows: 10%>                      <% = f.label: profile_image,'profile image', class:'user-edit-label'%>      <% = f.attachment_field: profile_image, class:'user-edit-field'%>                      <% = f.submit'update', class:'user-edit-submit'%>          <% end%>

def index
    @posts = Post.all
  end
  def show
    @post = Post.find (params [: id])
    @comments = @ post.comments
    @comment = [email protected] = Like.new
  end
  def new
    @post = Post.new
  end
  def create
    @post = Post.new (post_params)
    @ post.user_id = current_user.id
    @ post.save
    redirect_to post_path (@post)
  end
  def edit
    @post = Post.find (params [: id])
  end
  def update
    @post = Post.find (params [: id])
    @ post.update (post_params)
    redirect_to post_path (@post)
  end
  def destroy
    @post = Post.find (params [: id])
    @ post.destroy
    redirect_to posts_path
  end
  private
  def post_params
    params.require (: post) .permit (: title,: body,: image)
  end
  <% if @ post.user.id == current_user.id%>              <% = link_to'edit', edit_post_path (@post), class:'post-show-btn'%>      <% = link_to'Delete', post_path (@post), method:: delete, data: {confirm:'Are you sure I want to delete this post? '},

 class:'post-show-btn'%>          <% end%>
What I tried

After logging in, I checked that I was jumping to a page that only the logged-in person could see, and confirmed that I was able to log in.
I tried adding before_action: authenticate_user! To the users controller, but when I press update, no error occurs, but the login screen is displayed.

Supplementary information (FW/tool version, etc.)

rails 6.0.3.4
ruby 2.6.6
gem devise
docker

  • Answer # 1

    Cause
    I didn't use devise's user-edited view, I created a separate edit page, and I put the path there

    solution
    I changed it to the view path to devise user editing and it worked

  • Answer # 2

    If you want to display the currently logged-in users with Users # show, it will be as follows.

    def show
      [email protected] = User.find (params [: id])
      + @user = current_user
    end