Authorization: Before Filter, correct_user: How Does It Work?

In Hartl’s tutorial, chapter 9 (specifically code 9.25) deals with editing only your page, not another user’s page.

When the Before Action called “correct_user” executes, it defines an @user variable as User.find(params[:id]). Is it retrieving the logged-in person’s ID or the ID of another user when viewing their page? If the @user doesn’t match the earlier defined result of function “current_user”, then the person can’t edit the profile of another user. If @user matches “current_user”, then the person can edit his own profile.

Why would @user be different from current_user? Is @user (inside correct_user) grabbing a different ID? Otherwise, it looks like correct_user will always match current_user - so why need correct_user at all?

@Shoowa the posts are written by other users. So, without seeing the code, I bet the params[:id] is pointing to the id of the post’s author, which may or may not be the current user.

I was wondering when/how it differentiates IDs. Thank you for that.
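
An added sketch, not Hartl's listing or code from this thread: a plain-Ruby model of the filter the question describes, in which params[:id] is whatever id appears in the requested URL and current_user comes from the session. User, USERS, UsersController and request_edit are constructed stand-ins for the Rails pieces.

```ruby
# Plain-Ruby sketch (no Rails). All names and data here are constructed stand-ins.
User = Struct.new(:id, :name)
USERS = { 1 => User.new(1, "alice"), 2 => User.new(2, "bob") }.freeze

class UsersController
  attr_reader :response

  # params are parsed from the request URL (/users/:id/edit), so the client
  # chooses them; session is set by the server at login.
  def initialize(params:, session:)
    @params = params
    @session = session
    @response = nil
  end

  # Identity established at login, independent of the URL being requested.
  def current_user
    @current_user ||= USERS[@session[:user_id]]
  end

  # The before filter: load the record named in the URL, then compare it
  # with the logged-in user. A mismatch halts the request with a redirect.
  def correct_user
    @user = USERS.fetch(Integer(@params[:id]))
    return true if @user == current_user
    @response = [:redirect, "/"]
    false
  end

  def edit
    return @response unless correct_user # stands in for before_action
    @response = [:ok, "edit form for #{@user.name}"]
  end
end

# Simulate GET /users/<requested_id>/edit from the user logged in as session_user_id.
def request_edit(requested_id, session_user_id)
  UsersController.new(params: { id: requested_id.to_s },
                      session: { user_id: session_user_id }).edit
end

p request_edit(1, 1) # alice requests her own edit page
p request_edit(2, 1) # alice requests /users/2/edit while logged in as user 1
```

Without the comparison in correct_user, the second request would render bob's edit form, because the lookup alone trusts the id in the URL.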