i am using the acl_system plugin but am having problems when users try
to access restricted pages before they are logged in.
i have my before_filter :check_authentication before the access_control
line, but everytime i try to access a page without being logged in, i
get an error saying:
Couldn''t find User without an ID
/usr/local/lib/ruby/gems/1.8/gems/activerecord-1.14.4/lib/active_record/base.rb:939:in
`find_from_ids''
/usr/local/lib/ruby/gems/1.8/gems/activerecord-1.14.4/lib/active_record/base.rb:382:in
`find''
#{RAILS_ROOT}/app/controllers/application.rb:15:in `current_user''
nothing should be accessing my current_user method before the user is
logged in, and this all worked until i added the acl line right after
it.
is this a bug or did i do something wrong?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
On Nov 1, 2006, at 2:54 PM, Josh wrote:> > i am using the acl_system plugin but am having problems when users try > to access restricted pages before they are logged in. > > i have my before_filter :check_authentication before the > access_control > line, but everytime i try to access a page without being logged in, i > get an error saying: > > Couldn''t find User without an ID > > /usr/local/lib/ruby/gems/1.8/gems/activerecord-1.14.4/lib/ > active_record/base.rb:939:in > `find_from_ids'' > /usr/local/lib/ruby/gems/1.8/gems/activerecord-1.14.4/lib/ > active_record/base.rb:382:in > `find'' > #{RAILS_ROOT}/app/controllers/application.rb:15:in `current_user'' > > nothing should be accessing my current_user method before the user is > logged in, and this all worked until i added the acl line right after > it. > > is this a bug or did i do something wrong?Well the acl_system plugin does its thing based on the current_user method. SO you really should only be using the access_control for pages that you are sure the users will be logged in for. The login action has to set the current_user for access_control to work. Can you paste your controller code? I can help make it work. Cheers- -- Ezra Zygmuntowicz -- Lead Rails Evangelist -- ez-NLltGlunAUd/unjJdyJNww@public.gmane.org -- Engine Yard, Serious Rails Hosting -- (866) 518-YARD (9273) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
hi ezra! Ezra Zygmuntowicz [02.11.2006 01:14]:> Well the acl_system plugin does its thing based on the > current_user method. SO you really should only be using the > access_control for pages that you are sure the users will be > logged in for. The login action has to set the current_user for > access_control to work.sure, but when i ran across that very same problem, i decided that acl_system should simply allow access if the user hasn''t been logged in yet: ---- snip ---- module Caboose::LogicParser alias :original_process :process def process(logicstring, context) context[:user].nil? or original_process(logicstring, context) end end ---- snip ---- otherwise i wouldn''t be able to protect my login controller (which actually is an account controller) by acl_system. cheers jens -- Jens Wille, Dipl.-Bibl. (FH) prometheus - Das verteilte digitale Bildarchiv für Forschung & Lehre An St. Laurentius 4, 50931 Köln Tel.: +49 (0)221 470-6668, E-Mail: jens.wille-31N1O1AsgN5n68oJJulU0Q@public.gmane.org http://www.prometheus-bildarchiv.de/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Here is some code from my Tasks controller and my application.rb file:
class TasksController < ApplicationController
layout ''standard''
before_filter :check_authentication
access_control :DEFAULT => ''POD'',
[:sort, :update_position] => ''(admin &
POD)''
.... controller methods ...
end
class ApplicationController < ActionController::Base
def check_authentication
unless session[:user_id]
session[:original_uri] = request.request_uri
flash[:notice] = ''Please log in''
redirect_to :controller => ''account'', :action =>
''login''
end
end
helper_method :current_user
def current_user
@current_user ||= User.find(session[:user_id])
end
end
Thanks for the help
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
I ran into this problem because i have emails sent out with links to certain tasks, but it requires login in order to view them. i store the intended url in a session variable and then redirect them to that page once they are logged in so that they don''t have to dig through all of the tasks to find the one they were looking for. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---