4 files changed, 36 insertions, 8 deletions

diff --git a/app/controllers/characters/items_controller.rb b/app/controllers/characters/items_controller.rb
index 470e21c..e38b69a 100644
--- a/app/controllers/characters/items_controller.rb
+++ b/app/controllers/characters/items_controller.rb
@@ -1,6 +1,7 @@
 class Characters::ItemsController < ApplicationController
+  before_action :set_character, only: :index
+
   def index
-    @character = Character.find(params[:character_id])
   end
 
   def equip
@@ -66,4 +67,13 @@ class Characters::ItemsController < ApplicationController
       redirect_to character_items_path(current_char)
     end
   end
+
+  private
+    def set_character
+      @character = Character.find(params[:character_id])
+      unless current_char == @character
+        flash[:alert] = "You can only look at your own items."
+        redirect_to character_path(@character)
+      end
+    end
 end
diff --git a/app/controllers/characters/rankings_controller.rb b/app/controllers/characters/rankings_controller.rb
index bbae9fc..429b487 100644
--- a/app/controllers/characters/rankings_controller.rb
+++ b/app/controllers/characters/rankings_controller.rb
@@ -6,4 +6,4 @@ class Characters::RankingsController < ApplicationController
   def index
     @character = Character.find(params[:character_id])
   end
-end
\ No newline at end of file
+end
diff --git a/app/controllers/characters/skills_controller.rb b/app/controllers/characters/skills_controller.rb
new file mode 100644
index 0000000..6fcf417
--- /dev/null
+++ b/app/controllers/characters/skills_controller.rb
@@ -0,0 +1,15 @@
+class Characters::SkillsController < ApplicationController
+  before_action :set_character, only: :index
+
+  def index
+  end
+
+  private
+    def set_character
+      @character = Character.find(params[:character_id])
+      unless current_char == @character
+        flash[:alert] = "You can only look at your own skills."
+        redirect_to character_path(@character)
+      end
+    end
+end
diff --git a/app/controllers/characters_controller.rb b/app/controllers/characters_controller.rb
index 77e1a94..2eb906b 100644
--- a/app/controllers/characters_controller.rb
+++ b/app/controllers/characters_controller.rb
@@ -1,8 +1,8 @@
 class CharactersController < ApplicationController
   skip_before_action :redirect_if_no_active_character, only: [:new, :create]
+  before_action :set_character, only: [:show, :set_combat_styles]
 
   def show
-    @character = Character.find(params[:id])
   end
 
   def new
@@ -22,11 +22,6 @@ class CharactersController < ApplicationController
   end
 
   def set_combat_styles
-    @character = Character.find(params[:character_id])
-    unless @character == current_char
-      flash[:alert] = "You can't set the combat styles of another character."
-      redirect_to character_path(@character) and return
-    end
     if @character.update(offensive_style: params[:offensive_style],
                          defensive_style: params[:defensive_style])
       flash[:notice] = "Changed combat styles to #{@character.offensive_style} and #{@character.defensive_style}."
@@ -40,4 +35,12 @@ class CharactersController < ApplicationController
     def character_params
       params.require(:character).permit(:name)
     end
+
+    def set_character
+      @character = Character.find(params[:id])
+      unless current_char == @character
+        flash[:alert] = "You can only manage your own character."
+        redirect_to character_path(@character)
+      end
+    end
 end