I'm using the master trunk of AS with Rails 2.3.2
In one of my models I need to prevent the user from modifying the
model unless the current_user.id == creator_id. I am using the
nifty_authentication generator so I thought that perhaps the
current_user wasn't being passed through so I added a logger statement
to test things and I've run into something odd. Here's the code in my
model:
class Universe < ActiveRecord::Base
has_many :permissions
has_many :users, :through => :permissions
belongs_to :creator, :class_name => "User", :foreign_key
=> :creator_id
def authorized_for_update?
logger.error "current user id = #{current_user.id}, self stats = #
{self.to_yaml}"
return false unless current_user.id == self.creator_id
end
end
The logger statement reads like this in the log (there is currently
only one model in the database of this type currently):
current user id = 1, self stats = --- !ruby/object:Universe
attributes:
name:
created_at:
updated_at:
creator_id:
description:
attributes_cache: {}
new_record: true
So current_user.id is being set correctly, but shouldn't this have the
stats for the current model in it rather than a blank model? The model
in question should be showing up like this:
--- !ruby/object:Universe
attributes:
name: Avatars
created_at: 2009-05-24 21:32:38
updated_at: 2009-05-25 01:53:56
id: "1"
creator_id: "1"
description: blah, blah
attributes_cache: {}
If anyone has any idea what I'm doing wrong here I'd really appreciate
it.I've looked through the other posts on here and it seems like it
should be working.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en
-~----------~----~----~----~------~----~------~--~---
