MaD wrote: > for your permissions problem I'd suggest the implementation of roles > or groups. that way you can add users to groups or give them roles, > which can be checked in a before_filter in your controllers.
I thought about creating groups, but then won't this complicate things? I'll have group_pages table, and how do I manage those? can a user belongs to many groups? > for your permissions problem I'd suggest the implementation of roles > or groups. that way you can add users to groups or give them roles, > which can be checked in a before_filter in your controllers. > > sessions: > if you are using activerecordstore (and thus your sessions are saved > in a db-table) deleting those entries should result in a logout. there > should be configuration in your environment like this: > config.action_controller.session_store = :active_record_store after commenting the above line, I got an InvalidAuthentictyToken error, which probably comes from my login form. This is how my view looks now: <% form_for :user do |f| %> <p>user: <%= f.text_field :user_name %></p> <p>pass: <%= f.password_field :password %></p> <%= f.submit 'login' %> <% end %> I checked the markup and I can see the hidden field containing the authenticity token.. So I'm not sure why this messes up. Before these changes I had this view: <p>user: <%= text_field_tag :user_name, params[:user_name] %></p> <p>pass: <%= password_field_tag :password, params[:password] %></p> <%= submit_tag 'login' %> And things worked (except that the sessions weren't saved in the database). Help?.. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
