The Depot Application

The Depot Application

12.1 Generating the XML Feed 11.3 Iteration F3: Limiting Access

11.4 Iteration F4: Adding a Sidebar, More Administration

 
edit app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  layout "store"
  #...
get /admin

NoMethodError in Admin#index

Showing app/views/layouts/store.html.erb where line #24 raised: 

undefined method `items' for nil:NilClass

Extracted source (around line #24): 

21:     <div id="side">
22:       <!-- START_HIGHLIGHT -->
23:       <!-- START:hidden_div -->
24:       <% hidden_div_if(@cart.items.empty?, :id => 'cart') do %>
25:         <%= render(:partial => "cart", :object => @cart) %>
26:       <% end %>
27:     <!-- END:hidden_div -->

RAILS_ROOT: /home/rubys/git/awdwr/work-239/depot

Application Trace | Framework Trace | Full Trace

Request

Parameters: 

None

Show session dump

Response

Headers: 

{"Content-Type"=>"text/html",
 "Cache-Control"=>"no-cache"}

get /users

Listing users

Name
dave Show Edit Destroy

New user 
edit app/views/layouts/store.html.erb
      <% if @cart %>
        <% hidden_div_if(@cart.items.empty?, :id => 'cart') do %>
          <%= render(:partial => "cart", :object => @cart) %>
        <% end %>
      <% end %>
get /admin

Welcome

It's Mon Sep 06 09:13:00 -0400 2010 We have 1 order. 
get /users

Listing users

Name
dave Show Edit Destroy

New user 
rm app/views/layouts/products.html.erb
rm app/views/layouts/users.html.erb
rm app/views/layouts/orders.html.erb
get /users

Listing users

Name
dave Show Edit Destroy

New user 
edit app/models/user.rb
require 'digest/sha1'
 
class User < ActiveRecord::Base
  
  validates_presence_of     :name
  validates_uniqueness_of   :name
 
  attr_accessor :password_confirmation
  validates_confirmation_of :password
 
  validate :password_non_blank
  
  def self.authenticate(name, password)
    user = self.find_by_name(name)
    if user
      expected_password = encrypted_password(password, user.salt)
      if user.hashed_password != expected_password
        user = nil
      end
    end
    user
  end
  
  # 'password' is a virtual attribute
  def password
    @password
  end
  
  def password=(pwd)
    @password = pwd
    return if pwd.blank?
    create_new_salt
    self.hashed_password = User.encrypted_password(self.password, self.salt)
  end
  
  after_destroy :ensure_an_admin_remains
 
  def ensure_an_admin_remains
    if User.count.zero?
      raise "Can't delete last user"
    end
  end     
 
private
 
  def password_non_blank
    errors.add(:password, "Missing password") if hashed_password.blank?
  end
  
  def create_new_salt
    self.salt = self.object_id.to_s + rand.to_s
  end
  
  def self.encrypted_password(password, salt)
    string_to_hash = password + "wibble" + salt
    Digest::SHA1.hexdigest(string_to_hash)
  end
end
edit app/controllers/users_controller.rb
class UsersController < ApplicationController
  # GET /users
  # GET /users.xml
  def index
    @users = User.all(:order => :name)
 
    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @users }
    end
  end
 
  # GET /users/1
  # GET /users/1.xml
  def show
    @user = User.find(params[:id])
 
    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @user }
    end
  end
 
  # GET /users/new
  # GET /users/new.xml
  def new
    @user = User.new
 
    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @user }
    end
  end
 
  # GET /users/1/edit
  def edit
    @user = User.find(params[:id])
  end
 
  # POST /users
  # POST /users.xml
  def create
    @user = User.new(params[:user])
 
    respond_to do |format|
      if @user.save
        format.html { redirect_to(users_url,
                    :notice => "User #{@user.name} was successfully created.") }
        format.xml  { render :xml => @user, :status => :created,
                             :location => @user }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @user.errors,
                             :status => :unprocessable_entity }
      end
    end
  end
 
  # PUT /users/1
  # PUT /users/1.xml
  def update
    @user = User.find(params[:id])
 
    respond_to do |format|
      if @user.update_attributes(params[:user])
        format.html { redirect_to(users_url,
                    :notice => "User #{@user.name} was successfully updated.") }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @user.errors,
                             :status => :unprocessable_entity }
      end
    end
  end
 
  # DELETE /users/1
  # DELETE /users/1.xml
  def destroy
    @user = User.find(params[:id])
    begin
      @user.destroy
      flash[:notice] = "User #{@user.name} deleted"
    rescue Exception => e
      flash[:notice] = e.message
    end
 
    respond_to do |format|
      format.html { redirect_to(users_url) }
      format.xml  { head :ok }
    end
  end
end
edit app/controllers/store_controller.rb
      def find_cart
        @cart = (session[:cart] ||= Cart.new)
      end
edit app/controllers/store_controller.rb
      before_filter :find_cart, :except => :empty_cart
echo "Product.new" | IRBRC=tmp/irbrc ruby script/console
>> Product.new
=> #<Product id: nil, title: nil, description: nil, image_url: nil, created_at: nil, updated_at: nil, price: #<BigDecimal:b6909ed8,'0.0',4(8)>>
>>

12.1 Generating the XML Feed 11.3 Iteration F3: Limiting Access