similar to: Spring Cleaning

Im having an issue that seems to only happen when trying to use a transaction. Ive used transactions many times in the past and Im at a loss as to why im getting the stack level too deep problem. SystemStackError - stack level too deep: actionpack (3.2.13) lib/action_dispatch/middleware/reloader.rb:70:in `'' I have a StackOveflow with more detail -

In an app where ordinary users are limited to viewing and editing their own "stuff", but someone with admin privs can view and edit anybody''s stuff, what''s the right strategy for routing? At first blush, I''d think that an ordinary user (e.g. with id 565) should see something like: http://example.com/mystuff.html ... where the controller assumes

Hi all, I am facing problem in getting subdomain name inside the model. The following is my setup. I am using cancan for authorization.I wanted a specific condition in Ability.rb ( the file which is placed in models if we install cancan gem). Below is the condition I wanted: ========================================================= user ||= User.new # guest user (not logged in) if

I''m doing RSpec controller testing with CanCan authorization, and I''m seeing something I''ve never seen in RSpec before: the same test run twice fails on the second one. I am NOT doing before(:all) or other things that should cause state to persist between tests: Here''s the relevant code: context "POST create" do context "with user logged

Hi, I am new to ROR and learning it. In my controller I have an admins record and I am passing that admin object to the admin''s view page to get the name of the admin. But when I try to access the name it is showing error as "undefined method `name'' for :current_admin:Symbol".. Please help.. Please find my code below Sessions Controller def create

So I got CanCan and Devise working well. I have two types of users: Admins and Nonadmins. Admins can edit all of Nonadmins profiles. The problem is, every user (either Admin or Nonadmin) belongs to an Account or Organization. Admins should only be able to edit users from their own Account or Organization. I was able to do that too. The problem is, I can''t display the Create New User

Hello I have a rails 3 app and I am trying to implement the redirect back action at access denied for cancan. If I try this in my application_controller: rescue_from CanCan::AccessDenied do |exception| redirect_to :back end It gives the following error: No HTTP_REFERER was set in the request to this action, so redirect_to :back could not be called successfully. If this is a test, make sure

I have the following scenario. Users have various levels of ability. They can only view and edit their own records (their profile). Their managers can only view and edit their employees records. The regional managers can view and edit only the people in their regions and the corporate headquarters can view and edit all records. There are multiple regions so somebody can be the manager of the

Hi all, I just installed cancan on a new project and found out that it creates some problems with the new scoped mass assignment features of rails 3.2 . Basically, in my User model I create some attr_accessible attributes in order to avoid users to edit their roles or other sensitive information. From the administration I allow admins to edit those protected attributes by passing

I''m working on an app that makes use of rails'' optimistic locking feature and seeing some possibilities for improvements. It seems a bit tedious to have to add :lock_version to forms wherever the model is used. You also have to "hack" around rails'' UJS feature to add it as a URL parameter when using remote: true, method: [:put, :patch, :post, :delete].

Hi, surely I''m missing something... but what!? in my spec I''ve User.should_receive(:find).with("1").and_return(@user) and in my controller User.find(params[:id]) green light... correct... but if I change my controller using another method, for example first: User.first or even User.all I get green light too... I was expecting an error like expected: 1 time

Hello! While running bundle exec rake, I receive following error (see in attached file) However, my tests are steel passing with command rspec spec/controllers/ Some info: ads_controller.rb: class AdsController < ApplicationController load_and_authorize_resource except: :create end ads_controller_spec.rb: require ''spec_helper'' describe AdsController do render_views

I successfully made login system with Devise and CanCan, and I have 3 types of users. Admin, internal and global users. I created Controllers and index actions: Admin, Cpanel, Report and State, and I want to restrict access to this controllers for some users. Admin user should have privilegies to access: Reports(all), State (read), Admin (all) Global user should have privilegies to access:

hi all, i am using 3 devises for 3 models in rails4. i need routes to my devise models.the devises are client,admin,employee. when i login into client then it will go to clients dashboard, when i login into admin then it will go to admins dashboard, the employee also has the employee dashboard. if i do not enter any login then the common dashboard body message is please signin. please let me

Hello,I am quite new on rails. Currently making CRUD apps in rails 3.0 in windows. I''ve used devise [1.1.rc0] for authentication.In those apps any logged in user can change other user''s details. How can I design the app, so that any logged in user can edit/remove his details only if he wishes to do so and can only view others'' records. After logging in he should be

My site is using Devise and Cancan. Currently I have 3 roles setup I am testing creating a new user using the following command (role is required): curl -H "Content-Type:application/json" -H "Accept:application/json" - d "{\"user\":{\"email\":\"test01-J0of1frlU80@public.gmane.org\", \"role\":\"2\", \"name\":

I have 2 distinct types of users (artists and curators) in my system and they currently share all associations (eg has_one :portfolio). However, a curator shouldn''t have a portfolio so I would like to only add that association when required. Obviously I could just return nil for that method, but it doesn''t feel right having that there in the first place. What''s the best

Hello, I have a setup similar to Rweb ( http://www.math.montana.edu/Rweb/ ): I get R scripts from users and need to execute them in in a safe manner (they are executed automatically, without human inspection). I would like to limit the user's script to reading from STDIN and writing to STDOUT/ERR. Specifically, preventing any kind of interaction with the underlying operating system (files,

hi... i am using two devises in rails 4 application,i need the routes for those devises. rails 4 is new feature for routes -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to

First of all, I use RVM and I installed ruby-1.9.2-head, which I used to create a new rails3 gemset. Then I changed to that gemset with rvm use 1.9.2-head@rails3 and I ran bundle install over the following Gemfile: source ''http://rubygems.org'' gem ''rails'', ''3.0.0.beta4'' gem ''sqlite3-ruby'', :require =>