Hello, I have installed restful_authentication and authentication plugin ( http://code.google.com/p/rails-authorization-plugin/ ) Login, signup and activation is working, but I find it very difficult to take it futher from here. How do I check if a user is logged in and redirect to /login if not? (for all actions in my messages controller) The authorization plugin has added a roles table, does anyone have an example on how to use such a role? Should I add thoose roles from mysql or the console? What I am trying to do is very basic - the logged in user should only CRUD his/her own records /objects. How should that be implemented? This is an example: def edit @blog = Blog.find(params[:id]) end def update @blog = Blog.find(params[:id]) if @blog.update_attributes(params[:blog]) redirect_to :controller => ''blogs'', :action => ''show'', :id => @blog else render :action => ''edit'' end end Hope that any of you can help me out here. I am a bit stuck and been working on this all weekend. Best regards. Asbjørn Morell. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hi,> How do I check if a user is logged in and redirect to /login if not? > (for all actions in my messages controller)Provided that you have include AuthenticatedSystem in either your MessagesController or your application.rb, you can use before_filter :login_required in every controller you need to limit to logged in users.> The authorization plugin has added a roles table, does anyone have an > example on how to use such a role? Should I add thoose roles from > mysql or the console?I tend to add my basic roles either within a migration, or from a short rake task. Generally I think its preferable not to work directly in the database layer, because by circumventing Rails/ActiveRecord you may lose out on validations and the like. Or do you need examples how to manage roles from the web frontend?> What I am trying to do is very basic - the logged in user should only > CRUD his/her own records /objects. How should that be implemented?This can often be done quite nicely with a before_filter that loads the appropriate object, e.g assuming User has_one :blog : before_filter :load_blog protected def load_blog @blog = current_user.blog end and have all your other methods use @blog instead of their own finders. Jan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---