Hi all, I''ve put new code into my app so that an administrator will have extra privileges (administer users, edit pages). The error is: ''Couldn''t find User without an ID'' So the app is looking for a logged in user when the homepage is accessed. Heres my code: site/index view: <% if is_logged_in? and logged_in_user.has_role?(''Moderator'') -%> <%= link_to ''Administer Users'', :controller => ''user'', :action => ''show'' %> <%= link_to '' | Edit pages'', pages_path %> <% end %> application helper: def is_logged_in? @logged_in_user = User.find(session[:user_id]) @logged_in_user ? @logged_in_user : false end def logged_in_user return @logged_in_user if is_logged_in? How could I change the code to rectify this? Any help would be greatly appreciated Steve. -- Posted via http://www.ruby-forum.com/.
When are you saving the user_id to the session? You need to force a redirect to a login page if there is no session [:user_id] and you should also handle the fact that session[:user_id] may be nil in your is_logged_in? method. On Apr 29, 1:15 pm, Stephen Fagan <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Hi all, I''ve put new code into my app so that an administrator will have > extra privileges (administer users, edit pages). The error is: > > ''Couldn''t find User without an ID'' > > So the app is looking for a logged in user when the homepage is > accessed. > > Heres my code: > > site/index view: > > <% if is_logged_in? and logged_in_user.has_role?(''Moderator'') -%> > <%= link_to ''Administer Users'', :controller => ''user'', :action => > ''show'' %> > <%= link_to '' | Edit pages'', pages_path %> > <% end %> > > application helper: > > def is_logged_in? > @logged_in_user = User.find(session[:user_id]) > @logged_in_user ? @logged_in_user : false > end > > def logged_in_user > return @logged_in_user if is_logged_in? > > How could I change the code to rectify this? Any help would be greatly > appreciated > > Steve. > -- > Posted viahttp://www.ruby-forum.com/.
Try def is_logged_in? @logged_in_user = User.find(session[:user]) if session[:user] end On Apr 29, 10:15 am, Stephen Fagan <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Hi all, I''ve put new code into my app so that an administrator will have > extra privileges (administer users, edit pages). The error is: > > ''Couldn''t find User without an ID'' > > So the app is looking for a logged in user when the homepage is > accessed. > > Heres my code: > > site/index view: > > <% if is_logged_in? and logged_in_user.has_role?(''Moderator'') -%> > <%= link_to ''Administer Users'', :controller => ''user'', :action => > ''show'' %> > <%= link_to '' | Edit pages'', pages_path %> > <% end %> > > application helper: > > def is_logged_in? > @logged_in_user = User.find(session[:user_id]) > @logged_in_user ? @logged_in_user : false > end > > def logged_in_user > return @logged_in_user if is_logged_in? > > How could I change the code to rectify this? Any help would be greatly > appreciated > > Steve. > -- > Posted viahttp://www.ruby-forum.com/.
Rick Lloyd wrote:> Try > > def is_logged_in? > @logged_in_user = User.find(session[:user]) if session[:user] > end > > On Apr 29, 10:15�am, Stephen Fagan <rails-mailing-l...@andreas-s.net>Thanks Rick. It worked a treat and also opened up a couple of gaping holes aswell (which I''ve managed to rectify!) Cheers Stephen. -- Posted via http://www.ruby-forum.com/.
Just to followup if you''re interested, .... the error msg from the op was due to the fact that the call to session[:user_id] returned nil, and thus calling find(nil) resulted in that error being raised. If you wanted to avoid such an error and just have the find call return nil if not found, one way is to just call find_by_id: $ ./script/console>> u = User.find(nil)ActiveRecord::RecordNotFound: Couldn''t find User without an ID from /usr/lib/ruby/... ...>> u = User.find_by_id(nil)=> nil Jeff On Apr 29, 2:10 pm, Stephen Fagan <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Rick Lloyd wrote: > > Try > > > def is_logged_in? > > @logged_in_user = User.find(session[:user]) if session[:user] > > end > > > On Apr 29, 10:15 am, Stephen Fagan <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > Thanks Rick. It worked a treat and also opened up a couple of gaping > holes aswell (which I''ve managed to rectify!) > > Cheers > > Stephen. > > -- > Posted viahttp://www.ruby-forum.com/.
E. Litwin wrote:> When are you saving the user_id to the session? > > You need to force a redirect to a login page if there is no session > [:user_id] and you should also handle the fact that session[:user_id] > may be nil in your is_logged_in? method. >Its saved in the login method: user = User.find_by_user_name(@user.user_name) if user and user.password_matches?(@user.password) user.login!(session) if @user.remember_me == "1" cookies[:remember_me] = { :value => "1", :expires => 10.years.from_now } user.authorization_token = Digest::SHA1.hexdigest( "#{user.user_name}:#{user.password}") I have a redirect if someone tries to access the admin privileges if thats what you mean? -- Posted via http://www.ruby-forum.com/.
Just to clarify - are you setting session[:user_id] in the user.login! (session) call? The other suggestions on handling a nil session[:user_id] (i.e. using find_by_id) are the appropriate ways to handle the error. Eric On Apr 30, 12:09 pm, Stephen Fagan <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> E. Litwin wrote: > > When are you saving the user_id to the session? > > > You need to force a redirect to a login page if there is no session > > [:user_id] and you should also handle the fact that session[:user_id] > > may be nil in your is_logged_in? method. > > Its saved in the login method: > > user = User.find_by_user_name(@user.user_name) > > if user and user.password_matches?(@user.password) > user.login!(session) > if @user.remember_me == "1" > cookies[:remember_me] = { :value => "1", > :expires => 10.years.from_now } > user.authorization_token = Digest::SHA1.hexdigest( > "#{user.user_name}:#{user.password}") > > I have a redirect if someone tries to access the admin privileges if > thats what you mean? > > -- > Posted viahttp://www.ruby-forum.com/.
E. Litwin wrote:> Just to clarify - are you setting session[:user_id] in the user.login! > (session) call? > The other suggestions on handling a nil session[:user_id] (i.e. using > find_by_id) are the appropriate ways to handle the error. > > Eric > > On Apr 30, 12:09�pm, Stephen Fagan <rails-mailing-l...@andreas-s.net>Yes, #log a user in def login!(session) session[:user_id] = self.id end Steve -- Posted via http://www.ruby-forum.com/.