similar to: Help with controllers specs

Hi, test "is_admin method is not visible" do get :is_admin assert_??? end is_admin is protected and should stay that way forever. What assertion do I use? M. -- Posted via http://www.ruby-forum.com/.

Is there a place where I can put a method that can be accessed in both views and controllers? Here''s the situation, maybe someone can suggest a better way to go about this: I created my own custom login system with email verification and user roles (basically, I tinkered around with SaltedHashLoginGenerator until I finally gave up and wrote my own). One role, of course, is an admin

I have added roles and roles_users table and updated the model so that my users can have multiple roles. ("Admin" role does always have id = 1). I have added these methods to my application controller. <code> helper_method :is_admin? helper_method :is_user? def is_admin? if @session[''user''] @session[''user''].roles.find(1)

My application needs to know if a user is an administrator, for security and aesthetic reasons. At the moment, I store true/false in the session by doing the following at login: session[:user_is_admin] = authenticated_user.is_admin? Is this OK to do? Or should I really be doing the following every time: User.find(session[:user_id]).is_admin? (user_id is always in the session too) Is there

Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the

I am using authlogic as a authentication engine in my rails app. I have two types of users 1) Users who are registered and has access to there own profile. 2) Admin user who has access to everybody''s profile In the user table i have a :is_admin field boolean field which defines the admin user. like the current_user method, Is there a way authlogic provides which can tell me if the

hallo everybody, i already googled the following problem, but there are so many questions regarding "has_many :through", that i just couldn''t find what i was looking for. so, i''m really sorry if this has been asked before. if so, just drop me the link. i have a has_many :through relationship similar to the following example: class Group < ActiveRecord::Base

Hi, I''ve got this method : def is_admin? @current_user && @current_user.admin == 1 end I want to be able to call this method from all my controllers and all my views. If I put this method in application_controller I can call it from all my controllers but none of my views. If I put this method in application_helper I can call it from all my views but none of my controllers.

Has anyone seen this happening to their apps? I''m starting to get errors like this come across from one of my apps: ActiveRecord::UnknownAttributeError: unknown attribute: <script type The parameters being sent are: {"user"=> {"email_confirmation"=>"someone-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org",

I''ve successfully gotten acts_as_authenticated working. Currently the before_filter line for my admin screen is like this: class AdminController < ApplicationController include AuthenticatedSystem before_filter :login_required Only issue I have now is that anyone logged in can access that screen. I''d like to differentiate between a regular user and

Hi all, I am using rails v.2.3.2 and if I put following line to my ApplicationController: include LoginSystem and I moved my login_system.rb to lib folder: module LoginSystem protected def is_logged_in? @logged_in_user = User.find(session[:user]) if session[:user] end def logged_in_user return @logged_in_user if is_logged_in? end def logged_in_user=(user) if

I''m having a problem with belongs_to and has_and_belongs_to_many. Here''s a brief summary of the models involved: class Member < ActiveRecord::Base set_primary_key ''member_id'' has_and_belongs_to_many :projects, :join_table => ''projects__members'' has_many :projects, :foreign_key => ''created_by'' end class

I was trying to use memcache for session storage in Typo. And i got following error, when user logs into the system. Session ID: Cookie set: is_admin=yes; path=/ Redirected to http://foobar.com:8002/admin/content Completed in 0.02042 (48 reqs/sec) | DB: 0.00236 (11%) | 302 Found [http://foobar.com/accounts/login] undefined class/module User

Hi, newbie here. I am trying to implement a filtering interface using observe_field. Using firebug I can see that I am getting the properly rendered html blob back in the response, but when it get inserted into the dom element that I am targeting, the plain html elements from the partial template have been stripped, leaving only the elements inserted via the <%= statements. I would

On some systems, putting vertex and index buffers in VRAM instead of GART memory eliminates massive graphics corruption which is otherwise present, due to unclear causes. This patch adds an environment variable that does that, along with helpful messages, prompting the user the report his configuration if we got the default setting wrong. It turns it on by default on NV49, as it is what I am

I didn''t get a chance to go to this meeting debating WebObjects Vs Rails, but here''s a report about it: http://desperatepundit.com/blog/cremes/technology/2006/02/15/WebObjects-versus-Ruby-On-Rails.html I don''t get what he''s saying, hand coding the model? yeah, you COULD ... but what about script/generate ??? And is that so what he said about security? --

From: Ben Skeggs <bskeggs at redhat.com> The winsys layer would attempt to cleanup the nouveau_device if screen init failed, however, in most paths the pipe driver would have already destroyed it, resulting in accesses to freed memory etc. This commit fixes the problem by allowing the winsys to detect whether the pipe driver's destroy function needs to be called or not. Signed-off-by:

On 12/07/2015 01:40 PM, Ilia Mirkin wrote: > This all seems very roundabout... Can't we do this in a somewhat > consistent way with the device being cleaned up in one place or > another but not both? That would be lovely, but not possible. It has to be cleaned up by the pipe screen destroy() function, as that's the normal exit path. If the pipe driver creation path fails before

What is the best way to implement a ''Down for Maintenance'' page across your Rails app? Ideally I would like to have a button in my admin section that toggles the display of a ''currently under maintenance'' page to every public request to the app (possibly with some dynamic content like estimated down-time) except for: - - requests from a specified IP

I have created a ''admin'' controller and all the necessary definitions and templates to delete, update and edit records and this is working OK, but how do I effectively restrict access to these defs'' from all but the admin user (called admin)? Currently I am just using if statements within the defs'' to check if it is the admin user logged in e.g; def index