Using Radiant 0.9.1, Ruby 1.8.7, Apache + mod_passenger in development
environment (for now).

I'm writing a simple extension, where I have a base controller class
that goes like this:

class Admin::BaseController < ApplicationController
  # allow only admins to the actions in this controller
only_allow_access_to :index, :show, :new, :create, :edit, :update, :remove, 
    :when => :admin,
    :denied_url => { :controller => '/admin/pages', :action =>
'index' },
    :denied_message => 'You must have administrative privileges to
perform this action.'

  # using inherited resources

  # common controller code

And a bunch of controllers that manage contacts, etc.

class Admin::ContactsController < Admin::BaseController

But when a non-admin attempts to access this controller  access is
granted but shouldn't be. It appears that only_allow_access_to method
call does not get inherited into Admin::ContactsController or any
other controller that inherits from Admin::BaseController . Why? What
am I missing?

I can copy/paste the call to only_allow_access_to for each controller,
but it seems not very DRY.

Having Googled this issue, I found no explanation and ran into a
single msg in this group but no replies.

Would anyone be able to explain why call to only_allow_access_to isn't
being inherited?


Reply via email to