I have this for my before_filters in a controller before_filter :authorize_company_or_admin, :except => [ :index, :list, :show, :display_meetings ] before_filter :authorize_admin, :only => [ :index, :list, :show ] the :authorize_company_or_admin isn''t working. If I do the action show_meeting, it lets the user right through. However, if I change it to before_filter :authorize_company_or_admin, :only => [ :show_meeting ] Then it stops the user. The logic in the action is definitely legit, so it''s not that. The other problem I have, is that :authorize_company_or_admin does a redirect if the user is not allowed to access something. However, all of my actions in the other controllers render partials. So if a user isn''t authorized to access something, both the redirect and render partial get called, and I get the "Render and/or redirect were called multiple times" error. How can this be avoided? Thanks in advance!!! Ben Lisbakken --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Ben Lisbakken ïèøåò:> The other problem I have, is that :authorize_company_or_admin does a > redirect if the user is not allowed to access something. However, all > of my actions in the other controllers render partials. So if a user > isn''t authorized to access something, both the redirect and render > partial get called, and I get the "Render and/or redirect were called > multiple times" error. How can this be avoided? >Haven''t you forgot to return false from authorize_company_or_admin when it forbids access ? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Maxim - Thanks, you were completely right. However, I still have the problem where :except doesn''t work! I have to do :only and name all of the actions I want it to work on :( -Ben --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---