Displaying 20 results from an estimated 1000 matches similar to: "Role Based Authorization recipe implementation?"
2006 Apr 21
1
Catch authentication result from a model in a controller
Im still following the authorization recipe from the book, now all works
fine but im getting trouble in how handle the model authorization
result, if the user and pass are correct, it goes to a welcome
screen(admin.rhtml) but if wrong the model prints a message in an ugly
exception like page "usr and pass not correct", i want to redirect the
user to the login
2006 Nov 04
3
role based authorization question
I am using the the authorization recipe outlined in Rails Recipes.Is it
possible for one role, say ''admin'', to have access to every action on every
controller without explicitly having to create a Right for each?
I know this will not work as is, and to force it to do so would violate MVC,
but is there some other way to accomplish having something like this in a
controller:
2006 May 16
2
before_filter and the application controller
Hi there,
I''m having a bit of an issue with my before_filter. I know that the filters
put in the application.rb controller are global for all the controllers. In
my application filter I''d like to allow access to the RSS feed method in a
''member'' controller and skip the login checks that the before_filters are
currently performing.
In my application my filters
2006 Apr 15
8
Migrations - adding a new table and automatically creating records
I want to create table called roles and then populate it with some new
records...This doesn''t work. Is there something I''m missing?
Craig
class AddRightsAndRolesTables < ActiveRecord::Migration
def self.up
create_table :roles do |t|
t.column "name", :string
end
Role.reset_column_information
Role.new :name => "Users Admin"
2007 Jul 17
12
Getting past my login system
Thank you in advance for your help. I am relatively new to both Rails
and Rspec and I am hoping for some insight from some experienced veterans.
Right now I am using Rspec for code that has already been written so
that additional functionality can be developed using the BDD method. My
problem shows up when I try to spec controllers that are behind the
login system. Each page checks for the
2006 Apr 14
7
SHA2 Issues
Hello all,
Thank you in advance for your help with this. I am trying to implement
the user authentication method from Ruby Recipes which calls for the use
of SHA 2. Here is the code for the password:
def password=(pass)
salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
self.password_salt, self.password_hash = salt,
Digest::SHA256.hexdigest(pass + salt)
end
I open
2006 Dec 08
19
HABTM join table quirk
I''ve been bringing up a good basica framework for applications at work.
To give decent security I''ve been implementing the Rails Recipie for
Authorization of function calls modeled on the book''s implementation.
(Changes for our environment were added..but are minor.)
Since I initially let Rails create the join table between two data
tables with a HABTM relationship....I
2006 Jun 04
5
filter function with parameter
Hi!
I want to add a function with a static paramter ("2" in the example) to
a filter, but somehow Rails seems to be looking for another syntax.
before_filter :check_quantity(2), :only => [:show]
doesn''t work. What''s the right way to do this?
Thanks a lot!
--
Posted via http://www.ruby-forum.com/.
2006 Apr 17
2
probably easy q: flash before redirect
I''m a little perplexed why this isn''t working:
private
def check_authorization
user = User.find(session[:user])
if user.level == 100
flash[:notice] = "welcome, admin"
else
flash[:notice] = "ha ha"
redirect_to :controller
2007 Dec 09
4
Help on drying code
Hi all,
Currently I''m having to do this:
def self.authorized_roles(controller, action)
specific = self.find_by_controller_and_action(controller, action)
all_actions = self.find_by_controller_and_action(controller, ''*'')
all_controllers = self.find_by_controller(''*'')
role_ids = []
specific.each do |role_item|
role_ids <<
2006 Apr 15
6
view code regular expression
I''m lost on regular expressions to begin with...
I''m trying to fix a value to one of 4 radio buttons as there will be
value of either 1,2,3 or 4 in @roles_users...
<TD><input type="radio" id="roles"
name="case_managers[case_manager_name]"
value="Case Manager Admin"
<% if =~ @roles_users /1/ checked =
2006 Jul 07
13
Rails Recipes Book: Authentication
Hi,
The user/login management system in Chapter 31: Authenticating Your
Users and Chapter 32: Authorizing Users with Roles of Chad Fowler''s
Rails Recipes looks reasonable and adequate. However, when I ran the
Chapter 31 code, I get the following error:
Username or password invalid
And I am not even given the chance to sign in; that is, the signin form
does not appear at all.
Has
2006 Apr 10
6
Single Table Mapping
This is pretty simple, but I must be missing the obvious. I''ve got a
table that''s similar to this:
USERS:
- id int
- username varchar(64)
- password varchar(64)
- role_id int
ROLES:
- id int
- description varchar(16)
I''ve had no troubles doing has_many relationships at all. But I want to
map the user.role directly to the role model automatically (which sounds
2005 Nov 16
1
HABTM: deleting records based on attributes
Hello All,
I am new to ROR, and can''t seem to get HABTM to cooperate entirely...
however I might be abusing it! Before I try a different strategy I
thought I''d ask here and see if I''m missing something simple.
So say Projects and Companies are related. Projects can have multiple
Companies, and Companies can be on multiple Projects. But, the same
Company can also
2006 Jan 30
10
How do I get the the full URL of an incoming request
Hey,
Is is possible to get the full URL
(''http://www.sender-domain.com/links/list.html'')
from where a user was sent to my site
(www.my-domain.com/controller/action) e.g. by clicking on a link? (I
read about something called a ''request'' object, I don''t know what it is
or does, is that what I''m looking for?
I''m very new to Rails
2009 Aug 27
2
Setting @request.env["HTTP_REFERER"] in an integration test
Hi.
I would like to set @request.env["HTTP_REFERER"] in an integration
test, but due to its nature, I would naturally set this value to the
previousle request url. How do I do that.
Thanks.
Jarl
2008 Apr 03
2
Change the value stored in inheritance_column
I have been struggling for quite sometime with this.
Is there any way to configure the Model to store user defined value in
the inheritance_column instead of the default value (which is
class_name)
The problem I have is like this:
I have a User model and there are different models which inherit from
this like Admin, Premium, Professional, etc.
Each of these inherited models are identified by a
2008 Oct 03
2
Filter chain halted as [:check_authentication] rendered_or_r
I have this page that you login in from. You get authenticated and then
bumped over to the appropriate page depending on what your role is:
Traveler, Travel Manager, Admin. All pieced work except for the role
asssociated with Travel Managers who get tossed out, apprarently when
they hit a before_filter to check authenication. However, it seams that
they are properly getting authenticated and moved
2007 Feb 22
4
Modifying Apache Conf To Block Leachers
Howdy,
I''m using Apache 2.2 + Mongrel with great success, using the sample
configs from the Mongrel site.
We have some MP3s on the site and recently someone has been stealing
them and basically leaching them from the site, linking to them from
an off-site location.
I''ve been trying to modify my Apache conf to check the referrer and
adjust accordingly as below but no
2011 Jun 05
1
Cancan redirect back at AccessDenied
Hello
I have a rails 3 app and I am trying to implement the redirect back
action at access denied for cancan.
If I try this in my application_controller:
rescue_from CanCan::AccessDenied do |exception|
redirect_to :back
end
It gives the following error:
No HTTP_REFERER was set in the request to this action, so
redirect_to :back could not be called successfully. If this is a test,
make sure