MY VISTA NEW .col-lg-10.col-lg-offset-1.top-space
.panel.panel-default
.panel-heading
%h2 Comentarios de clientes
.panel-body
- @comments.each do |comment|
.media
=image_tag comment.img_user, class: "media-object pull-left img-circle tam_comments"
.media-body
%h4= comment.name
%small.move_date= comment.created_at
%p.move_comment= comment.comment
%hr.max-width
-if user_signed_in?
.col-lg-10.col-lg-offset-1
.card.large-padding
= form_for @comment,builder: BootstrapFormBuilder do |f|
= f.text_area :comment
= f.submit "Publicar"
MY CONTROLADOR
class CommentsController < ApplicationController
before_action :set_comment, only: [:show, :edit, :update, :destroy]
before_action :authenticate_user!, except: [:new]
# GET /comments
# GET /comments.json
def index
if user_signed_in? && current_user.id == 1 && current_user.kind_user == 'Administrador' && current_user.role_id == 1
@comments = Comment.all
else
redirect_to root_path
end
end
# GET /comments/1
# GET /comments/1.json
def show
if user_signed_in? && current_user.id == 1 && current_user.kind_user == 'Administrador' && current_user.role_id == 1
@comments = Comment.find(params[:id])
else
redirect_to root_path
end
end
# GET /comments/new
def new
@comments = Comment.select("img_user, name, created_at, comment").where("validate_comment" => "true")
@comment = Comment.new
end
# GET /comments/1/edit
def edit
if user_signed_in? && current_user.id == 1 && current_user.kind_user == 'Administrador' && current_user.role_id == 1
redirect_to edit_comment_path
else
redirect_to root_path
end
end
# POST /comments
# POST /comments.json
def create
@comment = Comment.new(comment_params)
@comment.user_id = current_user.id
@comment.name = current_user.name
@comment.img_user = current_user.img_user
respond_to do |format|
if @comment.save
format.html { redirect_to new_comment_path, notice: 'Comment was successfully created.' }
format.json { render :new, status: :created, location: @comment }
else
format.html { render :new }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /comments/1
# PATCH/PUT /comments/1.json
def update
if user_signed_in? && current_user.id == 1 && current_user.kind_user == 'Administrador' && current_user.role_id == 1
respond_to do |format|
if @comment.update(comment_params)
format.html { redirect_to @comment, notice: 'Comment was successfully updated.' }
format.json { render :show, status: :ok, location: @comment }
else
format.html { render :edit }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
else
redirect_to root_path
end
end
# DELETE /comments/1
# DELETE /comments/1.json
def destroy
if user_signed_in? && current_user.id == 1 && current_user.kind_user == 'Administrador' && current_user.role_id == 1
@comment.destroy
respond_to do |format|
format.html { redirect_to comments_url, notice: 'Comment was successfully destroyed.' }
format.json { head :no_content }
end
else
redirect_to root_path
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_comment
@comment = Comment.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def comment_params
params.require(:comment).permit(:user_id, :name, :comment, :img_user, :validate_comment)
end
end