ga-wdi-boston / full-stack-project

error after working to fix back end user ownership #1043

Closed Azinck94 closed 7 years ago

Azinck94 commented 7 years ago

seems as though there is a missing attribute password in the active control, getting the following error now:

{"status":500,"error":"Internal Server Error","exception":"#\u003cActiveModel::UnknownAttributeError: unknown attribute 'password' for User.
Azinck94 commented 7 years ago

will continue to work and post updates as I go, free beer and corndogs if anyone can help me figure this out at some point next week!

Azinck94 commented 7 years ago

So I managed to revert to an older commit and work from there, but am still trying to figure user ownership. I know that I need to alter my ballers table to add a foreign key for users but haven't been able to figure it out without pissing off my back end. I will post my code below

Azinck94 commented 7 years ago

baller.rb:


class Baller < ApplicationRecord
  belongs_to :user
  validates :name, :user, presence: true
end
Azinck94 commented 7 years ago

user.rb:


# frozen_string_literal: true
class User < ApplicationRecord
  include Authentication
  has_many :examples
  has_many :ballers
end
Azinck94 commented 7 years ago

create_ballers.rb:


class CreateBallers < ActiveRecord::Migration[5.0]
  def change
    create_table :ballers do |t|
      t.string :first_name
      t.string :last_name
      t.string :team
      t.string :position
      t.integer :buckets
      t.integer :rpg
      t.integer :apg
      t.string :sponsors
      t.string :shoes
      t.string :catchphrase
      t.references :user, foreign_key: true

      t.timestamps
    end
  end
end
Azinck94 commented 7 years ago

create_users.rb:


# frozen_string_literal: true
class CreateUsers < ActiveRecord::Migration
  def change
    create_table :users do |t|
      t.string :email, null: false, index: { unique: true }
      t.string :token, null: false, index: { unique: true }
      t.string :password_digest, null: false

      t.timestamps null: false
    end
  end
end
Azinck94 commented 7 years ago

so I apparently don't have user ownership still even after dropping and re-migrating my db with the following files: baller.rb:


class Baller < ApplicationRecord
  belongs_to :user
  validates :user, presence: true
end
#good
Azinck94 commented 7 years ago

user.rb:


class User < ApplicationRecord
  include Authentication
  has_many :examples
  has_many :ballers
end
#good
Azinck94 commented 7 years ago

users_controller.rb


# frozen_string_literal: true
class UsersController < ProtectedController
  skip_before_action :authenticate, only: [:signup, :signin]

  # POST '/sign-up'
  def signup
    user = User.create(user_creds)
    if user.valid?
      render json: user, status: :created
    else
      render json: user.errors, status: :bad_request
    end
  end

  # POST '/sign-in'
  def signin
    creds = user_creds
    if (user = User.authenticate creds[:email],
                                 creds[:password])
      render json: user, serializer: UserLoginSerializer, root: 'user'
    else
      head :unauthorized
    end
  end

  # DELETE '/sign-out/1'
  def signout
    if current_user == User.find(params[:id])
      current_user.logout
      head :no_content
    else
      head :unauthorized
    end
  end

  # PATCH '/change-password/:id'
  def changepw
    if !current_user.authenticate(pw_creds[:old]) ||
       (current_user.password = pw_creds[:new]).blank? ||
       !current_user.save
      head :bad_request
    else
      head :no_content
    end
  end

  def index
    render json: User.all
  end

  def show
    user = User.find(params[:id])
    render json: user
  end

  def update
    head :bad_request
  end

  private

  def user_creds
    params.require(:credentials)
          .permit(:email, :password, :password_confirmation)
  end

  def pw_creds
    params.require(:passwords)
          .permit(:old, :new)
  end

  private :user_creds, :pw_creds
end
Azinck94 commented 7 years ago

ballers_controller.rb:


class BallersController < OpenReadController
  before_action :set_baller, only: [:show, :update, :destroy]

  # GET /ballers
  def index
    @ballers = Baller.all

    render json: @ballers
  end

  # GET /ballers/1
  def show
      @ballers = Baller.find(params[:id])
    render json: @baller
  end
#good
  # POST /ballers
  def create
    #@baller = Baller.new(baller_params)
    @baller = current_user.ballers.build(baller_params)

    if @baller.save
      render json: @baller, status: :created, location: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /ballers/1
  def update
    if @baller.update(baller_params)
      render json: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # DELETE /ballers/1
  def destroy
    @baller.destroy
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_baller
       #@baller = Baller.find(params[:id])
       @baller = current_user.ballers.find(params[:id])
    end

    # Only allow a trusted parameter "white list" through.
    def baller_params
      params.require(:baller).permit(:first_name, :last_name, :team, :position, :buckets, :rpg, :apg, :sponsors, :shoes, :catchphrase)
    end
end
Azinck94 commented 7 years ago

schema.rb:


ActiveRecord::Schema.define(version: 20170801212024) do

  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"

  create_table "ballers", force: :cascade do |t|
    t.string   "first_name"
    t.string   "last_name"
    t.string   "team"
    t.string   "position"
    t.integer  "buckets"
    t.integer  "rpg"
    t.integer  "apg"
    t.string   "sponsors"
    t.string   "shoes"
    t.string   "catchphrase"
    t.datetime "created_at",  null: false
    t.datetime "updated_at",  null: false
    t.integer  "user_id"
    t.index ["user_id"], name: "index_ballers_on_user_id", using: :btree
  end

  create_table "examples", force: :cascade do |t|
    t.text     "text",       null: false
    t.integer  "user_id",    null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["user_id"], name: "index_examples_on_user_id", using: :btree
  end

  create_table "teams", force: :cascade do |t|
    t.integer  "user_id"
    t.integer  "baller_id"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["baller_id"], name: "index_teams_on_baller_id", using: :btree
    t.index ["user_id"], name: "index_teams_on_user_id", using: :btree
  end

  create_table "users", force: :cascade do |t|
    t.string   "email",           null: false
    t.string   "token",           null: false
    t.string   "password_digest", null: false
    t.datetime "created_at",      null: false
    t.datetime "updated_at",      null: false
    t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
    t.index ["token"], name: "index_users_on_token", unique: true, using: :btree
  end

  add_foreign_key "ballers", "users"
  add_foreign_key "examples", "users"
  add_foreign_key "teams", "ballers"
  add_foreign_key "teams", "users"
end
Azinck94 commented 7 years ago

Even after seemingly doing everything right I can still access ballers created on different accounts and delete and update them... If someone can't sit down could they at least look at this? I'm really lost and just need a little help, I have been at this for days... Thanks, appreciate it!!

Azinck94 commented 7 years ago

I think I need to create two places: 1 for a user's personal ballers and one for the conglomerate list which everyone can add to... As of right now I have gotten at least to the point where I can't edit or delete another user's ballers... but can still see them.. Will continue to post updates!

benjimelito commented 7 years ago

So I noticed that ballers is inheriting from OpenReadController, rather than the ProtectedController. Maybe this could be part of your issue?

Azinck94 commented 7 years ago

good call, thanks Ben I will make that change and let you know what happens!

Azinck94 commented 7 years ago

changing it to ProtectedController resulted in a 401 unauthorized error when trying to create a baller, but did prevent me from seeing other ballers:


Failed to load resource: the server responded with a status of 401 (Unauthorized)
Azinck94 commented 7 years ago

can anyone take a look if there is workshop time today?

Azinck94 commented 7 years ago

am now getting this error when i try to create a baller:


POST http://localhost:4741/ballers 401 (Unauthorized)
Azinck94 commented 7 years ago

I would like someone to look at this before I proceed further. Every time I attempt to fix something another thing seems to break.... I would like to sit down with someone today to go over this. I have done my very best to follow instructions and try to get through this by exhausting every avenue I can think of rather than waste your time but I need help with this.

jordanallain commented 7 years ago

hey we can totally sit down to try and dig through this later. if your code has changed since you posted it earlier you should update this issue with the new relevant code as well so i can take a look.

Azinck94 commented 7 years ago

Thanks!! sounds good, I haven't changed the back end at all which is why it's even weirder! Appreciate you sitting down with me though!

jordanallain commented 7 years ago

you said earlier you changed the type of controller the ballers controller was inheriting from so you've changed something!

Azinck94 commented 7 years ago

ah sorry you're right I never posted it, sorry! ballers controller:

class BallersController < ProtectedController
  before_action :set_baller, only: [:show, :update, :destroy]

  # GET /ballers
  def index
    @ballers = Baller.all

    render json: @ballers
  end

  # GET /ballers/1
  def show
      @ballers = Baller.find(params[:id])
    render json: @baller
  end
#good
  # POST /ballers
  def create
    #@baller = Baller.new(baller_params)
    @baller = current_user.ballers.build(baller_params)

    if @baller.save
      render json: @baller, status: :created, location: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /ballers/1
  def update
    if @baller.update(baller_params)
      render json: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # DELETE /ballers/1
  def destroy
    @baller.destroy
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_baller
       #@baller = Baller.find(params[:id])
       @baller = current_user.ballers.find(params[:id])
    end

    # Only allow a trusted parameter "white list" through.
    def baller_params
      params.require(:baller).permit(:first_name, :last_name, :team, :position, :buckets, :rpg, :apg, :sponsors, :shoes, :catchphrase)
    end
end
Azinck94 commented 7 years ago

add_user_to_ballers.rb migration file:


class AddUserToBallers < ActiveRecord::Migration[5.0]
  def change
    add_reference :ballers, :user, foreign_key: true
  end
end
Azinck94 commented 7 years ago

baller and user models remain the same

Azinck94 commented 7 years ago

my index.js front end file was running everything twice, which was making everything mad at me, fixed it and now smooth sailing, thanks Ben and Jordan!!

Azinck94 commented 7 years ago

NVM...everything is smooth on local host servers, but the deployed site is giving me a 500 internal server error when I try to do a post request to create a baller:



20:46:21.451 no-conflict.js:13 on createBaller invoked
20:46:21.451 no-conflict.js:13 create entry in api running
20:46:21.452 no-conflict.js:13 Object {first_name: "as", last_name: "", team: "", position: "", buckets: ""…}
20:46:21.575 ballerhub.herokuapp.com/ballers:1 POST https://ballerhub.herokuapp.com/ballers 500 (Internal Server Error)
20:46:21.576 vendor.js:9678 XHR finished loading: POST "https://ballerhub.herokuapp.com/ballers".
send @ vendor.js:9678
ajax @ vendor.js:9285
createBaller @ no-conflict.js:13
onCreateBaller @ no-conflict.js:13
dispatch @ vendor.js:5318
elemData.handle @ vendor.js:5126
20:46:21.579 no-conflict.js:13 Object {readyState: 4, getResponseHeader: function, getAllResponseHeaders: function, setRequestHeader: function, overrideMimeType: function…}
Azinck94 commented 7 years ago

@jordanallain @MicFin @tvlangley @payne-chris-r @sdavidson140 @Jcornmanhomonoff @bengitscode @benjimelito

Azinck94 commented 7 years ago

here is the response header on the console:


Access-Control-Allow-Credentials:true
Access-Control-Allow-Methods:OPTIONS, HEAD, GET, DELETE, PATCH, PUT, POST
Access-Control-Allow-Origin:https://azinck94.github.io
Access-Control-Max-Age:1728000
Connection:keep-alive
Content-Length:46
Content-Type:application/json; charset=utf-8
Date:Fri, 04 Aug 2017 00:46:20 GMT
Server:Cowboy
Vary:Origin
Via:1.1 vegur
X-Request-Id:c411cf98-7a32-44b2-9d15-9d0471fb8fd3
X-Runtime:0.014187
Azinck94 commented 7 years ago

request header:


Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8
Authorization:Token token=BAhJIiVjYzI4NDg4MjEwYjAzOWM5YjZhNjgxZjFjNjFmOWQ4MQY6BkVG--a2339884d02a8ee79c29792756c2c6637937c9e9
Cache-Control:no-cache
Connection:keep-alive
Content-Length:243
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:ballerhub.herokuapp.com
Origin:https://azinck94.github.io
Pragma:no-cache
Referer:https://azinck94.github.io/Ballerhub-FrontEnd/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
Azinck94 commented 7 years ago

when I try to create a new baller this is the exact error:


Failed to load resource: the server responded with a status of 500 (Internal Server Error)
Azinck94 commented 7 years ago

checked heroku logs, seems that when an attempt is made to create a baller the following causes an error:


2017-08-04T01:38:16.882319+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155]   
2017-08-04T01:38:16.882397+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155] ActiveModel::UnknownAttributeError (unknown attribute 'user_id' for Baller.):
Azinck94 commented 7 years ago

full error:


2017-08-04T01:38:16.863134+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155]   Parameters: {"baller"=>{"first_name"=>"Guy", "last_name"=>"Fleegman", "team"=>"Niners", "position"=>"offlane", "buckets"=>"230", "rpg"=>"24", "apg"=>"25", "sponsors"=>"Mountain Dew", "shoes"=>"High Heels", "catchphrase"=>"I'll try spinning! That's a good trick!", "submit"=>"Create Baller!"}}
2017-08-04T01:38:16.875091+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155]   User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."token" = $1 LIMIT $2  [["token", "545ab5f3917fdf904d9ab6cf9606ddd8"], ["LIMIT", 1]]
2017-08-04T01:38:16.881823+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155] Completed 500 Internal Server Error in 19ms (ActiveRecord: 0.7ms)
2017-08-04T01:38:16.882319+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155]   
2017-08-04T01:38:16.882397+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155] ActiveModel::UnknownAttributeError (unknown attribute 'user_id' for Baller.):
2017-08-04T01:38:16.882426+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155]   
2017-08-04T01:38:16.882464+00:00 app[web.1]: [107faa15-4eaa-4110-bad6-6c8fd42b2155] app
jordanallain commented 7 years ago

are you permitting the user_id?

Azinck94 commented 7 years ago

Just added that permission to ballers controller:


class BallersController < OpenReadController
  before_action :set_baller, only: [:update, :destroy]

  # GET /ballers
  def index
    @ballers = Baller.all

    render json: @ballers
  end

  # GET /ballers/1
  def show
    # set_baller no longer runs for :show here, so assign @baller directly
    @baller = Baller.find(params[:id])
    render json: @baller
  end
#good
  # POST /ballers
  def create
    #@baller = Baller.new(baller_params)
    @baller = current_user.ballers.build(baller_params)

    if @baller.save
      render json: @baller, status: :created, location: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /ballers/1
  def update
    if @baller.update(baller_params)
      render json: @baller
    else
      render json: @baller.errors, status: :unprocessable_entity
    end
  end

  # DELETE /ballers/1
  def destroy
    @baller.destroy
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_baller
       #@baller = Baller.find(params[:id])
       @baller = current_user.ballers.find(params[:id])
    end

    # Only allow a trusted parameter "white list" through.
    def baller_params
      params.require(:baller).permit(:first_name, :last_name, :team, :position, :buckets, :rpg, :apg, :sponsors, :shoes, :catchphrase, :user_id)
    end
end
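
Added example, not part of the thread or the project's code: a plain-Ruby model (no Rails) of the ownership checks discussed above, contrasting `Baller.find` with `current_user.ballers.find` and showing what a permitted `:user_id` allows on update. `Store`, `permit`, `update_owned`, `hidden_from?` and the sample records are constructed stand-ins.

```ruby
# Plain-Ruby stand-ins (constructed for this example, not the project's code).
Baller = Struct.new(:id, :user_id, :first_name)
class NotFound < StandardError; end

class Store
  def initialize(rows)
    @rows = rows
  end

  # Unscoped, like Baller.find(params[:id]): resolves any id for any caller.
  def find(id)
    @rows.find { |b| b.id == id } || raise(NotFound)
  end

  # Owner-scoped, like current_user.ballers.find(params[:id]).
  def find_for(user_id, id)
    @rows.find { |b| b.id == id && b.user_id == user_id } || raise(NotFound)
  end

  # Owner-scoped listing, the counterpart of replacing Baller.all in index.
  def all_for(user_id)
    @rows.select { |b| b.user_id == user_id }
  end
end

# Stand-in for strong parameters: drop every key not on the allow-list.
def permit(params, allowed)
  params.select { |key, _| allowed.include?(key) }
end

# Mirrors the update action: scoped lookup, then assign the permitted keys.
def update_owned(store, current_user_id, id, params, allowed)
  baller = store.find_for(current_user_id, id)
  permit(params, allowed).each { |key, value| baller[key] = value }
  baller
end

# True when the scoped lookup refuses a record owned by someone else.
def hidden_from?(store, user_id, id)
  store.find_for(user_id, id)
  false
rescue NotFound
  true
end

if __FILE__ == $PROGRAM_NAME
  store = Store.new([Baller.new(1, 10, 'Guy'), Baller.new(2, 20, 'Andrew')])
  body = { first_name: 'Renamed', user_id: 20 } # constructed request body
  puts "user 10 blocked from baller 2: #{hidden_from?(store, 10, 2)}"
  puts "strict allow-list owner: #{update_owned(store, 10, 1, body, %i[first_name]).user_id}"
  puts "with :user_id permitted: #{update_owned(store, 10, 1, body, %i[first_name user_id]).user_id}"
end
```
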
Azinck94 commented 7 years ago

per heroku logs, here is my attempt after permitting user_id:


2017-08-04T13:03:01.023023+00:00 app[web.1]: [67ac962b-4417-4dc3-ac1f-9a4f4ace65ce]   Parameters: {"baller"=>{"first_name"=>"Andrew", "last_name"=>"Zinckinator", "team"=>"", "position"=>"", "buckets"=>"", "rpg"=>"", "apg"=>"", "sponsors"=>"", "shoes"=>"", "catchphrase"=>"", "submit"=>"Create Baller!"}}
2017-08-04T13:03:01.026411+00:00 app[web.1]: [67ac962b-4417-4dc3-ac1f-9a4f4ace65ce]   User Load (1.1ms)  SELECT  "users".* FROM "users" WHERE "users"."token" = $1 LIMIT $2  [["token", "71c2cd535c9ee8c5a36b83006229f137"], ["LIMIT", 1]]
2017-08-04T13:03:01.049432+00:00 app[web.1]: [67ac962b-4417-4dc3-ac1f-9a4f4ace65ce]   
2017-08-04T13:03:01.049392+00:00 app[web.1]: [67ac962b-4417-4dc3-ac1f-9a4f4ace65ce] ActiveModel::UnknownAttributeError (unknown attribute 'user_id' for Baller.):
2017-08-04T13:03:01.049492+00:00 app[web.1]: [67ac962b-4417-4dc3-ac1f-9a4f4ace65ce] app/controllers/ballers_controller.rb:20:in `create'
2017-08-04T13:03:01.051403+00:00 heroku[router]: at=info method=POST path="/ballers" host=ballerhub.herokuapp.com request_id=67ac962b-4417-4dc3-ac1f-9a4f4ace65ce fwd="144.121.82.194" dyno=web.1 connect=0ms service=31ms status=500 bytes=463 protocol=https
jordanallain commented 7 years ago

did you run these new migrations to heroku?

Azinck94 commented 7 years ago

yes, here is the dom console:


09:24:20.344 no-conflict.js:13 create entry in api running
09:24:20.344 no-conflict.js:13 Object {first_name: "Andrew", last_name: "Zinckinator", team: "Spurs", position: "", buckets: ""…}
09:24:20.654 ballerhub.herokuapp.com/ballers:1 POST https://ballerhub.herokuapp.com/ballers 500 (Internal Server Error)
09:24:20.655 vendor.js:9678 XHR finished loading: POST "https://ballerhub.herokuapp.com/ballers".
send @ vendor.js:9678
ajax @ vendor.js:9285
createBaller @ no-conflict.js:13
onCreateBaller @ no-conflict.js:13
dispatch @ vendor.js:5318
elemData.handle @ vendor.js:5126
09:24:20.658 no-conflict.js:13 Object {readyState: 4, getResponseHeader: function, getAllResponseHeaders: function, setRequestHeader: function, overrideMimeType: function…}
Azinck94 commented 7 years ago

any reason that my localhost show ballers function displays the ballers found when I run bin/rails db and then TABLE ballers, but on the deployed site the show ballers function displays a different set of players that I don't see on the db table?

jordanallain commented 7 years ago

your dev db and production db aren't the same.

Azinck94 commented 7 years ago

for the front end should the config.js look like this:



const config = {
  apiOrigins: {
    production: 'https://ballerhub.herokuapp.com',
    development: 'http://localhost:4741'
  }
}

module.exports = config
jordanallain commented 7 years ago

looks fine

cpearce31 commented 7 years ago

So just to be clear, did you definitely do heroku run rake db:migrate?

jordanallain commented 7 years ago

i think we sniffed it out, yeah @Azinck94 ?

it wasn't letting him migrate to heroku so we reset his production database and ran all of his migrations on a fresh slate.

Azinck94 commented 7 years ago

^this, for some reason heroku wasn't up to date with user ownership, so ran a reset and then re-migrated and everything is now working