I inserted some suggestions into your code.
module SessionsHelper
> def log_in(user)
> session[:user_id] = user.id
> end
>
> def current_user
> @current_user ||= User.find_by(id: session[:user_id])
> end
>
> # Returns true if the given user is the current user.
> def current_user?(user)
> user == current_user
> end
>
> def logged_in?
> !current_user.nil?
> end
>
> # Redirects to stored location (or to the default).
> def redirect_back_or(default)
> redirect_to(session[:forwarding_url] || default)
> session.delete(:forwarding_url)
> end
>
> # Stores the URL trying to be accessed.
> def store_location
> session[:forwarding_url] = request.url if request.get?
> end
>
> def log_out
> session.delete(:user_id)
> @current_user = nil
> session.delete(:isitadmin)
> end
>
> def admin(role)
> session[:isitadmin] = role
> end
>
> I don't think you need this
>
> #def checkadmin
> # admin?(session[:isitadmin])
> # end
>
>
>
You are making the call to admin? to verify whether or not a
current_user has roleid type '1', e.g. is an admin. I believe this should
read
def admin? # no argument
  # roleid, as you indicate below, is the field that is storing that flag.
  # Need to test it as a string.
  current_user.roleid == "1" ? true : false
end
> def admin?(rolea)
> rolea == 1
> end
>
> end
> end
>
>
> This is my sessions_controller.rb file
>
> def loginnow
> role = User.where(userid: params[:session][:userid]).pluck(:roleid)
> ## This call isn't necessary
>
>
> user = User.find_by(userid: params[:session][:userid]) ## you should
> verify validity of session[:userid], and then check validity of user
> if user && user.authenticate(params[:session][:password])
> # Log the user in and redirect to the user's show page.
> admin user.roleid.to_s ## to_s may not be necessary
> log_in user
>
>
>
Change this to if user.admin?
> if admin?(role)
> flash.now[:info] = 'You are logged in as Admin and your roleid is
> #{role}' ## Remove .now, see
> http://api.rubyonrails.org/classes/ActionDispatch/Flash/FlashHash.html#method-i-now
> redirect_to dashboard_index_path ## are you displaying flash
> in view... Something like <% flash.each .... %>
> puts
> "*******************************************************************************************************"
>
>
> puts "The roleid is #{rolea} executed in if part"
> puts
> "*******************************************************************************************************"
> else
> flash.now[:danger] = 'For some reason you are not recognized as
> Admin and the roleid is #{role}'
> redirect_to dashboard_index_path
> puts
> "*******************************************************************************************************"
> puts "The roleid is #{role} executed in else part"
> puts
> "*******************************************************************************************************"
> end
>
>
>
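The `admin?` change suggested in the reply above, as an added example in plain Ruby that is not code from the thread. It shows the original argument-based check returning false for an admin because it is handed an Array or a String, while a check derived from `current_user` needs no role copy in the session. `User`, `USERS`, `SessionContext`, `admin_by_argument?` and `plucked_role` are constructed stand-ins (assumptions) for the model, the users table, the Rails helper and the `pluck` call.

```ruby
# Added example (plain Ruby, no Rails). User, USERS and the session hash are
# constructed stand-ins for the model, the users table and the Rails session.
User = Struct.new(:id, :userid, :roleid)

USERS = [User.new(1, "alice", "1"), # roleid held as a string, as the reply assumes
         User.new(2, "bob", "2")].freeze

# Original check from the thread: compares whatever it is given to Integer 1.
def admin_by_argument?(rolea)
  rolea == 1
end

# What the original controller passed in: pluck(:roleid) returns an Array.
def plucked_role(userid)
  USERS.select { |u| u.userid == userid }.map(&:roleid)
end

# Minimal stand-in for SessionsHelper, with admin? taking no argument.
class SessionContext
  attr_reader :session

  def initialize
    @session = {}
  end

  def log_in(user)
    session[:user_id] = user.id
  end

  def log_out
    session.delete(:user_id)
    @current_user = nil
  end

  def current_user
    @current_user ||= USERS.find { |u| u.id == session[:user_id] }
  end

  # The role is read from the user record, not from a copy in the session.
  # to_s makes the comparison hold for "1" and for Integer 1; a logged-out
  # visitor (current_user nil) is never an admin.
  def admin?
    !current_user.nil? && current_user.roleid.to_s == "1"
  end
end
```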