similar to: rails and security

Hi, I would like to configure a Xen private network where the guests use private addresses. So far I have setup the Dom0 instances and the vm''s can access to the other guests inside the same server. Now my question is how can the guests reach the other guests that are located in other physical servers. Here is a diagram of how the network looks:

People, I''m looking at p. 152 in the Rails book where he talks about testing controllers [ functional tests ]. First he shows a method, test_login_with_valid_user, which tests that it''s possible to login with a valid user/password combo. Then, he talks about extracting the code he just wrote and placing it into a login method inside of test_helper.rb Once the method is there,

I want to create a spec/regressions directory with various regressions (for my rails project). I tried the following: describe LoginController, "regression for user creation when steves_sister does not exist", :behavior_type => :controller do controller_name :login before :each do @params = { "commit"=>"Create Account",

This is my environment.rb # Load the rails application require File.expand_path(''../application'', __FILE__) # Initialize the rails application Qstack::Application.initialize! require ''koala'' This is my application_controller.rb class ApplicationController < ActionController::Base # protect_from_forgery before_filter :parse_facebook_cookies def

Hi all. I am trying to find a way to insert an authenticity_token into the params of an Ajax request before it gets sent. I''ve got this much: Ajax.Responders.register({ onLoading: function(req){ if ((req.options.method == ''post'') && ! Object.keys(req.options.parameters).include(''authenticity_token'')){ ---->

Updated...(trimmed comments) $ gem list *** LOCAL GEMS *** actionmailer (1.3.1, 1.2.5) actionpack (1.13.1, 1.12.5) actionwebservice (1.2.1, 1.1.6) activerecord (1.15.1, 1.14.4) activesupport (1.4.0, 1.3.1) postgres (0.7.1) rails (1.2.1, 1.1.6) rake (0.7.1) rmagick (1.14.1, 1.13.0) sources (0.0.1) Updated application... $ rake rails:update (in /home/craig/svn/th-db/branches/phase3) install -c -m

Hi, everyone, I''m trying to update the content of a div using link_to_remote and RJS template. Everything works fine if I use the default Prototype/Scriptaculous libraries, but I want to use jRails ''coz other parts of my application use a lot of jQuery. Here are the steps I done: 1. inside StatesController.rb I defined the following action: def update_view # do nothing just

Hi, I''m having a problem trying to get a login controller working. When I try and post to my login controller I get the following error: ActionController::InvalidAuthenticityToken in LoginController#login login_controller: class LoginController < ApplicationController def login case request.method when :post if @session[''user''] =

Hi, I''m pretty new to all related to bdd and rspec and I have the following question. Is it possible to stub actions that return different objects depending on the parameteres they were called with? Something like this: MyClass.stub!(:method).with(1).and_return(@mock_object_1) MyClass.stub!(:method).with(2).and_return(@mock_object_2) I know I could use

I am geeting the foolowing error. undefined method `create_table'' for #<LoginController:0x5e60110> I wrote the crete action in application controller. I am coping ther total worng please help me! class ApplicationController < ActionController::Base model :cart model :line_item before_filter :authorize def create # create_table() yields a TableDefinition instance

Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the

Hi I am happy to announce the 0.3.1 release of ActiveRBAC Engine. The biggest improvement on the 0.3 release is that it runs with Rails 1.1 now. Get your personal copy now from https://activerbac.turingstudio.com/releases :) There is a manual PDF with a tutorial available at https://activerbac.turingstudio.com/releases/ActiveRbacManual.pdf which is also included in the full

I''ve been slamming my head against a wall for a while now, and would like some help. I believe this is session related. I have a story that looks like: -------------------------------------------------- Given that a post exists And I am logged in When I visit the post details page Then there should be a link to add a new comment

I have a simple form , with a file field = form_for (Clip.new), :html => {:multipart => true} , :remote => true , do |f| = f.hidden_field :user_id, {:value => current_user.id} = f.text_field :name = f.text_area :description = f.file_field :image = f.submit I18n.t(:add) generating the html code <form accept-charset="UTF-8"

hi all, in my application if the user forget the login details then they can go to a page where they can enter their mail id and the login details''ll be mailed them to that mail id.after mailing them the user''ll be redirected to the login page. but after entering the mail id and clicking the button im getting error like Errno::ECONNREFUSED in

seems pretty simple, my model... has_attached_file :pic_1, :styles => { :thumb => "120x90" }, :url => "/:attachment/:id_:style.:extension", :path => ":rails_root/public/system/:attachment/:id_:style.:extension" my view... <% form_tag(:action => ''create'', :html => { :multipart => true }) do -%> <label

Hello, I''m struggling my brain with this ajax issue ... Basically I have a form for creating records, and I want to submit it using Ajax. On previous versions of RoR (2.0.2) it was working, but the same methods doesn''t work on 2.2.2, and I started to make changes and changes and read forums and the api, but no way ... <% form_remote_for (:expedient, :url => {:action

I used to have Simple Captcha installed, but since I removed it I got all kinds of problems with login. Processing UsersController#login (for 188.177.122.179 at 2010-09-19 12:21:09) [POST] Parameters: {"commit"=>"OK", "authenticity_token"=>"/ Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",

Getting an odd error in Safari 4: Here''s the auth token that''s output to my javascript: 4HB8yAW4gU2xEavWOc+kiMoj4XIyCBUK/t704aOQ+co= Here''s what''s listed in the parameters: "authenticity_token"=>"4HB8yAW4gU2xEavWOc kiMoj4XIyCBUK/t704aOQ co=" notice: the +''s are being replaced by spaces. This a specific safari issue? I

for some reason the controller is parsing everything fine, but the return is a page instead of code execution. I have other ajax forms no listed that are also running fine on this same page. there are supposed to be 3 ajax events: onblur event that calls a function to submit - doesn''t work. There is a submit button at the end of the form - works there is a delete image that removed the