search for: check_administrator_rol

Displaying 3 results from an estimated 3 matches for "check_administrator_rol".

2008 May 21
8
before_filter with multiple roles
I have multiple roles in my application. Now I want to block a method for all users except the administrator and a manager. When I do this: before_filter (:check_administrator_role), :only => [:administration] before_filter (:check_taskmanager_role), :only => [:administration] The user must have both roles. How can I change that to an "OR" combination? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You recei...
2009 Jun 05
6
rails 2.3.2
Hi all, I am using rails v.2.3.2 and if I put following line to my ApplicationController: include LoginSystem and I moved my login_system.rb to lib folder: module LoginSystem protected def is_logged_in? @logged_in_user = User.find(session[:user]) if session[:user] end def logged_in_user return @logged_in_user if is_logged_in? end def logged_in_user=(user) if
2009 Feb 25
3
Secure but elegant destruction method
Hi,- I am looking for a clean and secure way for an ActiveRecord instance to delete itself. Say I have a User model in my app. Then the destructive action would be /users/user_id/destroy. If this action is not secured by a filter like: (*) before_filter :check_administrator_role, :only => :destroy then any user could potentially log in and start issuing: /users/1/destroy /users/2/destroy . . . /users/n/destroy But I want to give a User the possibility to delete [him|her]self. Currently the only way I can think of it is this: 1) Remove the filter (*) 2) Re-code the...