One solution would be to provide a guest user in the database that is returned by current_user when no-one is logged in, that enables you to give the guest user whatever roles you desire. Alternatively test @currentuser before calling topic_admin. As an aside I would suggest setting up @topic_admin true or false in controller rather than calling it from view, or even better if possible setup the data to be displayed in the controller/model and remove the logic from the view entirely.
2009/3/11 Carlos Santana <[email protected]> > > I am referring to this wonderful post: > > http://pivotallabs.com/users/nick/blog/articles/272-access-control-permissions-in-rails/comments > for creating access rules for my application. > > So from my controller and views I am calling method in user model as: > @currentuser.topic_admin?(topic) > > ### User model has this method: > def topic_admin?(topic) > topic.can_admin?(self) > end > ---- > > ### Topic model has this method: > def can_admin?(user) > valid_roles = %w{admin editor} > if valid_roles.include?(user.role.name) > return true > else > return false > end > end > --- > > The @currentuser is returned by a method in topic controller: > def current_user > @currentuser = User.find(session[:user]) > end > > Everything works fine as long as some user is logged in. If no one is > logged in then session has no data and I get error regarding nil.object > called... > > How can I solve this problem? Am I going the wrong way? I wrote another > method to check if user is logged in and then only call current_user > method or topic_admin method. However, calling logged_in? method before > current_user is useless and calling it before topic_method means too > much code in the view. Any other alternatives? Any clues? > > Thanks, > CS. > -- > Posted via http://www.ruby-forum.com/. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
