I made a post model along with its generated controller, but anyone can Edit and Destroy the posts. How can i allow only the author to edit and destroy the post. I tried something like this but it failed.
rails g add_user_name_to_posts username:string
I added the necessary column and made it a hidden field.
In the controller:
@post.username = current_user.user_name
I made a custom field for that in devise.
So the posts automatically get a username filled out
In my views i added:
<% if @post.username = current_user.user_name %>
(the links to edit and destroy)
<% end %>
Note.The method is called username for posts, but user_name for the user.
Please tell me why this failed and how i can avtually achieve what im going for.