Im completely stuck on Role-Based Authorization (I used the rails recipe
method)
(user_controller.rb)
def login
return if generate_blank
@user = User.new(@params[''user''])
if @session[''user''] =
User.authenticate(@params[''user''][''login''],
@params[''user''][''password''])
flash[''notice''] = l(:user_login_succeeded)
redirect_back_or_default :controller => "admin", :action
=> ''list''
else
@login = @params[''user''][''login'']
flash.now[''message''] = l(:user_login_failed)
end
end
(admin_controller.rb)
before_filter :login_required,
:check_authorization,
:except => [:login, :signup, :show]
def check_authorization
user = User.find(session[:user])
unless user.roles.detect{|role|
role.rights.detect{|right|
right.action == action_name && right.controller ==
controller_name
}
}
flash[:notice] = "You are not authorized to view the page you
requested"
redirect_to :controller => "admin", :action =>
''list''
return false
end
end
I get the error:
ActiveRecord::RecordNotFound in Admin#new
Couldn''t find User without an ID
Help!
--
Posted via http://www.ruby-forum.com/.
