Chapter 9 of Hartl’s tutorial, specifically code 9.25, deals with editing only your page, not another user’s page.
When the Before Action called “correct_user” executes, it defines an @user variable as User.find(params[:id]). Is it retrieving the logged-in person’s ID or the ID of another user when viewing their page? If the @user doesn’t match the earlier defined result of function “current_user” then the person can’t edit the profile of another user. If @user matches “current_user” then the person can edit his own profile.
Why would @user be different from current_user? Is @user (inside correct_user) grabbing a different ID? Otherwise, it looks like correct_user will always match current_user, so why is correct_user needed at all?
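
An added example, not part of the original post and not code from Hartl's tutorial: a plain-Ruby stand-in for the Rails pieces, showing that `params[:id]` is taken from the requested URL while `current_user` is taken from the session, so the two can differ. The `UsersController` class here, the `request_edit` helper, the `guarded` flag and the sample users are all assumptions made for illustration.

```ruby
# Added illustration; plain Ruby standing in for the Rails pieces (no Rails needed).
User = Struct.new(:id, :name)
USERS = { 1 => User.new(1, "alice"), 2 => User.new(2, "bob") }.freeze # constructed sample data

class UsersController
  def initialize(params:, session:, guarded: true)
    @params  = params    # from the request URL, e.g. /users/2/edit -> { id: "2" }
    @session = session   # server-side login state, set at log-in
    @guarded = guarded   # hypothetical switch: run the correct_user check or not
  end

  # Who is logged in: derived from the session, never from the URL.
  def current_user
    USERS[@session[:user_id]]
  end

  # Whose page was requested: derived from the URL, which the client chooses.
  def correct_user
    @user = USERS.fetch(Integer(@params[:id]))
    @user == current_user
  end

  # Simulates GET /users/:id/edit and returns what the browser would receive.
  def edit
    if @guarded
      return "redirect to root" unless correct_user
    else
      @user = USERS.fetch(Integer(@params[:id])) # no ownership check
    end
    "edit form for #{@user.name}"
  end
end

# Hypothetical helper: one request with a given URL id and a given logged-in user.
def request_edit(url_id:, logged_in_as:, guarded: true)
  UsersController.new(params: { id: url_id }, session: { user_id: logged_in_as },
                      guarded: guarded).edit
end

if __FILE__ == $PROGRAM_NAME
  puts request_edit(url_id: "1", logged_in_as: 1)                 # own page
  puts request_edit(url_id: "2", logged_in_as: 1)                 # someone else's page
  puts request_edit(url_id: "2", logged_in_as: 1, guarded: false) # same request, no check
end
```

With the check in place, a logged-in user who requests another user's edit URL is redirected; without it, the same request returns the other user's edit form.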