Displaying 20 results from an estimated 2000 matches similar to: "newbie before_filter question"
2009 Jul 25
3
Rails Authorization and Security question
Working through the Users and Authentication of Learning Rails book
(great book, code needs to be proof-read in a few cases, though), I
came across this:
There''s still one leftover that may be worth addressing, depending on
your security needs. The authorization? method has secured the data,
and the view no longer shows the user options they can''t really use,
but if a
2006 Feb 27
3
Send parameter along with method in before_filter
Hello list,
I have an app that has a very simple authorization scheme. A person can have
many roles and roles can have many people.
In my app, I''d like to do
before_filter :login_required (since no role name is provided, it accepts
any users with credentials)
before_filter :login_required ("administrator") (only accepts those with
role administrator)
before_filter
2006 Mar 22
4
Problem with ACL plugin system
Don''t know if anyone else has experienced this but I''m having a problem
with the access_denied method in Ezra''s ACL access control plugin. It''s
working fine (in conjunction with acts_as_authenticated) until it comes
across a user it denies access to, in which case it throws the following
error:
NoMethodError in Admin#index
protected method
2006 Apr 27
7
Role Based Authorization recipe implementation?
i got the rails recipes book, i have now an auth system for users
without problems, now i want to made a role based acces for my app, im
following the "Role Based Authorization" recipe of the book but i cant
make it to work even when the tables created and correctly added data
manually definig the roles and rights. als i dont know how to define a
right for use all the actions in a
2008 Mar 28
10
Inheriting from AdminController intstead from ApplicationController
Hi
I would like to do the following:
I have created an admin namespace and the required folders app/admin
views/admin etc. And then I wanted all controllers under app/admin to
inherit from a controller named AdminController which resists under
app/admin/admin.rb instead of inhereting from ApplicationController,
so I could better separate between admin and public section. The
AdminController
2006 Mar 30
6
Global Method Declaration?
Is there a place where I can put a method that can be accessed in both
views and controllers?
Here''s the situation, maybe someone can suggest a better way to go about this:
I created my own custom login system with email verification and user
roles (basically, I tinkered around with SaltedHashLoginGenerator
until I finally gave up and wrote my own). One role, of course, is an
admin
2007 Jul 30
6
Object.stubs doesn''t seem to work.
Hi
I''m using Mocha 0.5.3 and I want to stub out a call to Time.now, just
like the example in the post
http://blog.floehopper.org/articles/2007/06/08/mocha-0-5-released
However, trying it in irb gets me the following error:
>> require ''mocha''
=> true
>> Time.stubs(:now).returns(Time.parse(''Thu Feb 01 00:00:00 UTC 2007''))
NoMethodError:
2008 Jan 30
2
Where can I get "authenticate_with_http_basic"?
Hi,
I just installed Rails 2.0.2
[root@mymachine easyx]# ruby --version
ruby 1.8.6 (2007-03-13 patchlevel 0) [i686-linux]
[root@mymachine easyrx]# gem install rails --include-dependencies
Need to update 16 gems from http://gems.rubyforge.org
................
complete
Successfully installed rails-2.0.2
[root@remandev easyrx]#
But I''m getting this error in my restful_authentication
2007 Oct 15
0
Fwd: Content filtered message notification
I''m not sure why mailman bounced your message (perhaps because you are not
subscribed to the mailing list), but I''m glad you have solved your problem.
Cheers, James.
---------- Forwarded message ----------
From: mailman-bounces at rubyforge.org <mailman-bounces at rubyforge.org>
Date: 14 Oct 2007 17:21
Subject: Content filtered message notification
To:
2006 Jan 16
16
acts_as_authenticated current_user in a model?
What do I need to do to be able to use an acts_as_authenticated
current_user in a model?
Is there some sort of include or require I can do some where that would
allow this?
**********************************************************
Here is what I am trying to do:
**********************************************************
class Setting < ActiveRecord::Base
before_create :created_by_user #
2006 Feb 23
13
Check if a saved user''s name is admin
Hi all,
I have a question about this method in my User model:
# Returns true for the (saved) user called "admin"
def is_the_administrator
true if save and name == "admin"
end
The method returns true if the user''s name is admin. However, I only want to
return true if the state of the object is "saved", so I call the save method
first.
I''m
2006 Feb 21
0
acl_system plugin first look
Friends-
Here is another plugin hot off the presses of the three day
weekend ;) Its a role based authorization system. I have been talking
with Bill Katz about this system so it ties in with his recent
announcement as well. Its just my implementation.
Its an acl/role type system that can sit on top of the
acts_as_authenticated login system or any login system that
implements a few
2006 Feb 20
6
LoginGenerator - multiple user types...
I have been looking at the LoginGenerator gem. Looks great and can be
easily modified. However in my app I have two places where people can
login, one is for in my case "employees" the other is for "users". They
are seperate tables in my database and have many different fields.
I have an admin area located at ./sysadmin/ where only "employees" can
login, they
2009 Jun 05
6
rails 2.3.2
Hi all,
I am using rails v.2.3.2 and if I put following line to my
ApplicationController:
include LoginSystem
and I moved my login_system.rb to lib folder:
module LoginSystem
protected
def is_logged_in?
@logged_in_user = User.find(session[:user]) if session[:user]
end
def logged_in_user
return @logged_in_user if is_logged_in?
end
def logged_in_user=(user)
if
2008 Jun 17
3
Help with error - uninitialized constant AuthenticatedSystem::Base64
I am using restful_Authentication plugin combined with the built-in
http_basic authentication Rails 2.0.2
The following code in my controller seemed to work fine,
1. before_filter :authenticate
2.
3. def authenticate
4. case request.format
5. when Mime::XML, Mime::ATOM
6. if user = authenticate_with_http_basic { |name,
pass| User.authenticate(name,
2009 May 29
1
assert method is not visible?
Hi,
test "is_admin method is not visible" do
get :is_admin
assert_???
end
is_admin is protected and should stay that way forever. What assertion
do I use?
M.
--
Posted via http://www.ruby-forum.com/.
2006 Apr 12
3
acts_as_authenticated trouble
First off, I''d like to address that I''m n00bs.
I''ve read the README and blogs associated with this plugin, and there
really isn''t too much documentation. I have the newest version of
rails,ruby, and acts_as_authenticated installed.
#The setup
I set up the acts_as_authenticated in the following manner.
*created a table called "accounts" in the
2010 May 27
3
before_filter always running in test, not in development or production mode.
I''m using Shoulda and restful_authentication on Rails3 and whenever I
run my tests a before filter for login_required is always triggered,
despite my filter being set up as:
before_filter :login_required, :only =>
[:update, :edit, :suspend, :unsuspend, :destroy, :purge]
My test is this:
context ''A guest to the site'' do
context ''on GET to
2006 Mar 16
6
Sessions or lookups?
My application needs to know if a user is an administrator, for security
and aesthetic reasons. At the moment, I store true/false in the session
by doing the following at login:
session[:user_is_admin] = authenticated_user.is_admin?
Is this OK to do? Or should I really be doing the following every time:
User.find(session[:user_id]).is_admin?
(user_id is always in the session too)
Is there
2005 Mar 10
8
Login controller additions
I have added roles and roles_users table and updated the model so that
my users can have multiple roles.
("Admin" role does always have id = 1).
I have added these methods to my application controller.
<code>
helper_method :is_admin?
helper_method :is_user?
def is_admin?
if @session[''user'']
@session[''user''].roles.find(1)