search for: is_admin

...Generator until I finally gave up and wrote my own). One role, of course, is an admin role. Users with this designation can add headline articles, new employee bios, etc. All methods in a controller may or may not need the admin role so I cant use a before_filter in all of them. So I created an is_admin method and put it in the application controller. Works great. Problem is, there are times when I need to do an is_admin check inside a view. So where can I place is_admin so both the view and controller can call it? Is there a better way of doing this? Thanks, - Brent

My application needs to know if a user is an administrator, for security and aesthetic reasons. At the moment, I store true/false in the session by doing the following at login: session[:user_is_admin] = authenticated_user.is_admin? Is this OK to do? Or should I really be doing the following every time: User.find(session[:user_id]).is_admin? (user_id is always in the session too) Is there a nicer way to do this, or should I be using one of the above? Cheers. -- Posted via http://www.ruby...

Hi, test "is_admin method is not visible" do get :is_admin assert_??? end is_admin is protected and should stay that way forever. What assertion do I use? M. -- Posted via http://www.ruby-forum.com/.

I have added roles and roles_users table and updated the model so that my users can have multiple roles. ("Admin" role does always have id = 1). I have added these methods to my application controller. <code> helper_method :is_admin? helper_method :is_user? def is_admin? if @session[''user''] @session[''user''].roles.find(1) else false end end def is_user? !@session[''user''].nil? end </code> The problem is that if a u...

I am using authlogic as a authentication engine in my rails app. I have two types of users 1) Users who are registered and has access to there own profile. 2) Admin user who has access to everybody''s profile In the user table i have a :is_admin field boolean field which defines the admin user. like the current_user method, Is there a way authlogic provides which can tell me if the current user is admin? Any help appreciated.. - S -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk&qu...

...tiveRecord::UnknownAttributeError: unknown attribute: <script type The parameters being sent are: {"user"=> {"email_confirmation"=>"someone-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org", "wants_new_message_notifications"=>"1", "is_admin"=>"0", "<script type"=>"=MyLastName", "first_name"=>"MyFirstName", "email"=>"someone-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org"}, "account_id"=>"1", "action"=>&quot...

I had some doubts while specing the action edit for User Model My controller def edit @user = User.find(get_param(:id, :integer)) @user = current_user if !is_admin? end ******************************* My spec describe "GET edit" do ############################################################## should_require_login :get, :edit ############################################################## describe "authenticated use...

...[:user]) if session[:user] end def logged_in_user return @logged_in_user if is_logged_in? end def logged_in_user=(user) if !user.nil? session[:user] = user.id @logged_in_user = user end end def self.included(base) base.send :helper_method, :is_logged_in?, :is_admin?, :logged_in_user end end This does work under RAILS 2.1.1, but not under 2.3.2 It says: undefined method `is_logged_in?'' for #<ActionView::Base:0x78cf044> Cheers P. -- Posted via http://www.ruby-forum.com/.

I didn''t get a chance to go to this meeting debating WebObjects Vs Rails, but here''s a report about it: http://desperatepundit.com/blog/cremes/technology/2006/02/15/WebObjects-versus-Ruby-On-Rails.html I don''t get what he''s saying, hand coding the model? yeah, you COULD ... but what about script/generate ??? And is that so what he said about security? --

...the link. i have a has_many :through relationship similar to the following example: class Group < ActiveRecord::Base has_many :group_memberships, :dependent => :destroy has_many :admins, :through => :group_memberships, :source => :user, :conditions => ''is_admin = true AND pending = false'' end class GroupMembership < ActiveRecord::Base belongs_to :group belongs_to :user end class User < ActiveRecord::Base has_many :group_memberships has_many :administrations, :through => :group_memberships, :source => :group, :co...

Hi, I''ve got this method : def is_admin? @current_user && @current_user.admin == 1 end I want to be able to call this method from all my controllers and all my views. If I put this method in application_controller I can call it from all my controllers but none of my views. If I put this method in application_helper I can call...

Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the user''s ''profile'', he can only edit his password. I dont want him editing his own login or ofcourse is_admin status for obvious reasons. Now when I use firebug and i...

What is the best way to implement a ''Down for Maintenance'' page across your Rails app? Ideally I would like to have a button in my admin section that toggles the display of a ''currently under maintenance'' page to every public request to the app (possibly with some dynamic content like estimated down-time) except for: - - requests from a specified IP

...ed in can access that screen. I''d like to differentiate between a regular user and admin. I saw something in the recipe''s book but it''s not quite what I''m looking for. All I want is an extra check. If I create a new boolean field in my user database (call it is_admin), is there a way I can also have the before filter check to see if that field is true? What would be the correct syntax for that? Thanks.. Vince -- Posted via http://www.ruby-forum.com/.

I have created a ''admin'' controller and all the necessary definitions and templates to delete, update and edit records and this is working OK, but how do I effectively restrict access to these defs'' from all but the admin user (called admin)? Currently I am just using if statements within the defs'' to check if it is the admin user logged in e.g; def index

...; ''created_by'' has_and_belongs_to_many :members, :join_table => ''projects__members'' end And the DDL: create table members ( member_id serial primary key , email_address text not null unique , is_active boolean not null default true , is_admin boolean not null default false , can_produce boolean not null default false ); create table projects ( project_id serial primary key , project_name text not null unique , created_by integer not null references members (member_id) ); create table projects__members (...

I was trying to use memcache for session storage in Typo. And i got following error, when user logs into the system. Session ID: Cookie set: is_admin=yes; path=/ Redirected to http://foobar.com:8002/admin/content Completed in 0.02042 (48 reqs/sec) | DB: 0.00236 (11%) | 302 Found [http://foobar.com/accounts/login] undefined class/module User /usr/lib/ruby/gems/1.8/gems/memcache-client-1.0.3/lib/memcache.rb:128:in `get'' /usr/lib/ruby/1.8/...

...lain html elements from the partial template have been stripped, leaving only the elements inserted via the <%= statements. I would appreciate any hints. Best, Eric here is the controller action that responds to the ajax request: =============================== def find_users @user_is_admin = is_admin @user_pages, @users = paginate :users, :order_by => ''login'', :per_page => 10, :conditions => "name like ''%kyle%'' or children like ''%kyle%''" # add error checking later render :partial => &q...

Hello. I will appreciate the opinion. What is the standard way of separating admin functions from normal- user functions? before_filter in one controller? Use two controllers, i.e. ProductController and Admin/ ProductController? I want to use map.resources so RESTFul would be better. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to

Dear all I have a dummy question. The model code as follow: class User < ActiveRecord::Base set_primary_key "username" end In script/console user = {:username => "123", :display_name => "345"} => {:username=>"123", :display_name=>"345"} a = User.new(user) => #<User username: nil, display_name: "345">