Thanks to all your assistance. I am going to try the filter approach this time. I will let you know if this solves it.
On Apr 7, 11:36 am, Kenny Ortmann <[email protected]> wrote: > You can't get to the session when you are declaring the config. You need to > do this on a before filter. > > before_filter :add_delete_if_admin > > def add_delete_if_admin > if session['user'].admin > active_scaffold_config.actions.add :delete > else > active_scaffold_config.actions.exclude :delete > end > end > > you should also implement this method, which will prevent the deletion from > happening if someone is trying to url hijack and delete things. > > def delete_authorized? > session['user'].admin > end > > On Mon, Apr 6, 2009 at 11:27 PM, [email protected] < > > [email protected]> wrote: > > > Does anyone know how to check the current user field (I have an admin > > field to have a simple role base permission level) in the > > "config.actions.add :delete" line? > > > The generated loginsystem store the session['user'], and I was able to > > use that object data in the view but not the controller where I use > > config.actions.add to add the delete as an option for admin only. > > > I tried it with @session['user'].admin, session['user'], and other > > variations and it wasn't able to even pull that session up. > > > Can anyone please help? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "ActiveScaffold : Ruby on Rails plugin" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/activescaffold?hl=en -~----------~----~----~----~------~----~------~--~---
