similar to: Mocking Access Control

I''ve setup a new mongrel cluster on my VPS, and am noticing a lot if 503 errors if I try to hit the server too many times in succession in a few seconds. I''ve read that this is usually caused by the cluster crashing, but I haven''t been seen the cluster crash when I do this. Does anyone have any other ideas what might cause this? I have my server configured how

I''ve added a method to the mock class that makes it pretty easy to stub associations in rails. I''ve been using it for awhile and it seems to cut down on a lot of setup code for the controller and model specs that use associations. #before @person = mock_model(Person) posts = mock(''post_proxy'') posts.stub!(:build).and_return(mock_model(Post, :save => true))

I have multiple roles in my application. Now I want to block a method for all users except the administrator and a manager. When I do this: before_filter (:check_administrator_role), :only => [:administration] before_filter (:check_taskmanager_role), :only => [:administration] The user must have both roles. How can I change that to an "OR" combination? -- Posted via

I''m dynamically generating menu options based on the currently logged in user: current_user. My menus are setup on the applicatin.rhtml file. The current_user is defined in the application controller. But, attempting to assign it a value while in the application controller results in an ''undefined method'' error. ApplicationController .... def current_user @cu =

I am trying to create a null object in my application. I would like to assigned a null user object for anonymous/ mot-logged-in user, i.e. if session variable has nil data. In my User model, I have created a subclass like this: class UnassignedUser < User def save false end def update false end def username "Unassigned" end def county_id

Greetings, I am working on extending a new part of our site to use Ruby on Rails, and have several portions of the site that is included in external files. The rest of the site is built on top of MovableType and uses PHP Includes to reference the external files. Is there similar functionality in Ruby or Rails that I can use so I don''t have to update excess content in two

Hello, I have this cucumber step definition: Given /^the site has pages "(.+)" and "(.+)"$/ do | page_1, page_2 | Page.create :title => page_1 if Page.find_by_title(page_1).nil? Page.create :title => page_2 if Page.find_by_title(page_2).nil? end This works, but obviously I would like to DRY it up. I was thinking along the lines. Given /^the site has pages

I know its probably doesnt sound right, but I am trying to call a before_filter method that will check whats the user role and then based on that return a string / hash / array to the before_filter something like this: class MonqiClassesController < ResourceController::Base before_filter :check_user_access_level , grant_access def check_user_access_level if

undefined method `each'' for 0:Fixnum at line @school = School.find_by_title(params[:school_id].gsub(''-'', " ")) for team in @school.teams ........ end @school does exist cause i tried with .find(:first) and it gave the same error. Also I''m getting undefined method `reject'' for #<Game:0x24ca1c4> From @home.game_ids = @game

Hello everyone, I was trying to set up access control in a new application Im working on, I''m trying to use the excellent authorization plugin from Bill Katz, Its pretty straight forward to setup and should be to use. But when i try to give the same permission on two differents users on the same object i get an error. (Well , Im kinda new to all this rails stuff) r = Red.find(1) u1 =

Still new to Specs... How do I create a spec to test a model method? Specifically, here is my spec: #testing model describe User do it "should have many user roles" do User.reflect_on_association(:user_roles).should_not be_nil end it "should have many roles though user roles" do User.reflect_on_association(:roles).should_not be_nil end it "should know

Can I set an application wide instance variable that is available for all actions...and their views? eg. class ApplicationController < ActionController::Base @current_user = User.find(session[:user_id]) end and everywhere I can call @current_user.id and I can get that object? Even down in the views? I could not get this to work... Thanks in advance, Jeff -------------- next part

i got two controller (with restful actions) where my code is quite ugly and not very dry. every action looks quite like this: if @logged_user.has_role?("admin") User.find(params[:id) else @logged_user.group.user.find(params[:id]) this is a security check that enforce a simple spec: normal user should read/write information only about their group''s users, but

Hi,- I am looking for a clean and secure way for an ActiveRecord instance to delete itself. Say I have a User model in my app. Then the destructive action would be /users/user_id/destroy. If this action is not secured by a filter like: (*) before_filter :check_administrator_role, :only => :destroy then any user could potentially log in and start issuing: /users/1/destroy /users/2/destroy .

I have a model layer containing Movie, Person, Role, and RoleType, making it possible to express facts such as "Clint Easterbunny is director of the movie Gran Milano". The relevant model and associations look like this class Movie < ActiveRecord::Base has_many :roles, :include => :role_type, :dependent => :destroy has_many :participants, :through => :roles, :source

Hi all, I''ve put new code into my app so that an administrator will have extra privileges (administer users, edit pages). The error is: ''Couldn''t find User without an ID'' So the app is looking for a logged in user when the homepage is accessed. Heres my code: site/index view: <% if is_logged_in? and logged_in_user.has_role?(''Moderator'')

Hi, I''m very new to rspec so please be patient with me. I''ve tried to take some of my tests out of the controller specs to check for things that are rendered. This has not worked so well, since my views have the controller method current_user in quite a few places. Is there any way that I can define this so that my views will be executed? Will this same thing occur for all

Hi all, Are there any plans for better documentation for the new StoryRunner feature? I tried to use it today (with Rails), and had a hard time getting my head around whether I was doing it "right" and exactly what things are appropriate to test at that level (this might be exacerbated by the fact that I''ve never really used integration testing that much). A full example of

Let''s say you''re using the restful_authentication plugin. You have a model called articles. On the index action of the articlescontroller you simply want to spec out that it''ll scope the results to the ownership of the current_user. It should NOT include any articles other than the articles that user owns. How would you properly spec this out? Thanks for the help!

All, I''m missing something simple, I think. I am writing a spec to say that my CouponController should create a new coupon from the form parameters, then set the current user. Here''s the spec: describe CouponController, "When posting to save_coupon" do before(:each) do @expectedName = "pepper''s" @expectedAmount = 5 coupon =