I am referring to this wonderful post:
http://pivotallabs.com/users/nick/blog/articles/272-access-control-permissions-in-rails/comments
for creating access rules for my application.
So from my controller and views I am calling method in user model as:
@currentuser.topic_admin?(topic)
### User model has this method:
def topic_admin?(topic)
topic.can_admin?(self)
end
----
### Topic model has this method:
def can_admin?(user)
valid_roles = %w{admin editor}
if valid_roles.include?(user.role.name)
return true
else
return false
end
end
---
The @currentuser is returned by a method in topic controller:
def current_user
@currentuser = User.find(session[:user])
end
Everything works fine as long as some user is logged in. If no one is
logged in then session has no data and I get error regarding nil.object
called...
How can I solve this problem? Am I going the wrong way? I wrote another
method to check if user is logged in and then only call current_user
method or topic_admin method. However, calling logged_in? method before
current_user is useless and calling it before topic_method means too
much code in the view. Any other alternatives? Any clues?
Thanks,
CS.
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
