search for: check_authorization

Displaying 11 results from an estimated 11 matches for "check_authorization".

2006 Apr 27
7
Role Based Authorization recipe implementation?
i got the rails recipes book, i have now an auth system for users without problems, now i want to made a role based acces for my app, im following the "Role Based Authorization" recipe of the book but i cant make it to work even when the tables created and correctly added data manually definig the roles and rights. als i dont know how to define a right for use all the actions in a
2006 Apr 17
2
probably easy q: flash before redirect
I''m a little perplexed why this isn''t working: private def check_authorization user = User.find(session[:user]) if user.level == 100 flash[:notice] = "welcome, admin" else flash[:notice] = "ha ha" redirect_to :controller =>"account", :...
2006 Nov 04
3
role based authorization question
...to force it to do so would violate MVC, but is there some other way to accomplish having something like this in a controller: loggedin=false; if session[:user] Applicant.find(session[:user]).roles.each{|r| loggedin=true if r.name== "admin"} end skip_before_filter :check_authentication, :check_authorization if loggedin Thanks, Howard -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060824/92154834/attachment-0001.html
2006 Apr 25
0
completely stuck on Role-Based Authorization
...ller => "admin", :action => ''list'' else @login = @params[''user''][''login''] flash.now[''message''] = l(:user_login_failed) end end (admin_controller.rb) before_filter :login_required, :check_authorization, :except => [:login, :signup, :show] def check_authorization user = User.find(session[:user]) unless user.roles.detect{|role| role.rights.detect{|right| right.action == action_name && right.controller == controller_name } } flash...
2009 Jul 25
3
Rails Authorization and Security question
Working through the Users and Authentication of Learning Rails book (great book, code needs to be proof-read in a few cases, though), I came across this: There''s still one leftover that may be worth addressing, depending on your security needs. The authorization? method has secured the data, and the view no longer shows the user options they can''t really use, but if a
2007 Jul 17
12
Getting past my login system
Thank you in advance for your help. I am relatively new to both Rails and Rspec and I am hoping for some insight from some experienced veterans. Right now I am using Rspec for code that has already been written so that additional functionality can be developed using the BDD method. My problem shows up when I try to spec controllers that are behind the login system. Each page checks for the
2006 Apr 17
2
newbie before_filter question
I''ve successfully gotten acts_as_authenticated working. Currently the before_filter line for my admin screen is like this: class AdminController < ApplicationController include AuthenticatedSystem before_filter :login_required Only issue I have now is that anyone logged in can access that screen. I''d like to differentiate between a regular user and
2007 Jan 21
0
Functional Test Fails with before filter in application.rb
...in user_contorller_test.rb def test_index_without_user get :index assert_response :redirect assert_redirected_to :action => "login" assert_equal "Please login", flash[:notice] end in application.rb before_filter :check_authentication, :check_authorization, :except => [:login] def check_authentication unless session[:user] flash[:notice] = "Please login" redirect_to :controller => :user, :action => :login return false end end -- Posted via http://www.ruby-forum.com/. --~--~--------...
2006 Nov 04
0
Having problems with edge rails
I just switched to Edge Rails (revision 5207) since I want to use the BigDecimal support for an e-commerce website.. Unfortunately, some of my old code seems to be breaking things.. First off, it looks like my "skip_before_filter :check_authentication, :check_authorization, :only => [:login, :forgot_password]" doesn''t work at all, since the before_filter gets executed for every action, including :login and :forgot_password. Also, when I try doing something simple in a view such as: <%= text_field :model_name, :attribute_name %>, I get: Actio...
2010 Jun 08
4
Nginx/Mongrel Could not retrieve catalog from remote server: Error 403 on SERVER
...: Denying access: Forbidden request: client access to /catalog/ client[find] at line 0 /usr/lib/ruby/1.8/puppet/network/rights.rb:79:in `fail_on_deny'' /usr/lib/ruby/1.8/puppet/network/rest_authconfig.rb:36:in `allowed?'' /usr/lib/ruby/1.8/puppet/network/rest_authorization.rb:21:in `check_authorization'' /usr/lib/ruby/1.8/puppet/network/http/handler.rb:66:in `process'' /usr/lib/ruby/1.8/mongrel.rb:159:in `process_client'' /usr/lib/ruby/1.8/mongrel.rb:158:in `each'' /usr/lib/ruby/1.8/mongrel.rb:158:in `process_client'' /usr/lib/ruby/1.8/mongrel.rb:285:in `ru...
2009 Oct 21
2
Bug #2617(?) in Puppet 0.25.1rc2
...uppetklient25.balkon.statystyka.net [find] at line 0 /usr/local/lib/site_ruby/1.8/puppet/network/rights.rb:79:in `fail_on_deny'' /usr/local/lib/site_ruby/1.8/puppet/network/rest_authconfig.rb:36:in `allowed?'' /usr/local/lib/site_ruby/1.8/puppet/network/rest_authorization.rb: 21:in `check_authorization'' /usr/local/lib/site_ruby/1.8/puppet/network/http/handler.rb:66:in `process'' /usr/local/lib/site_ruby/1.8/puppet/network/http/webrick/rest.rb:23:in `service'' /usr/lib/ruby/1.8/webrick/httpserver.rb:104:in `service'' /usr/lib/ruby/1.8/webrick/httpserver.rb:65:in `r...