How do I check if a user is logged in and redirect to /login if not?
(for all actions in my messages controller)
The authorization plugin has added a roles table, does anyone have an
example on how to use such a role? Should I add thoose roles from
mysql or the console?
What I am trying to do is very basic - the logged in user should only
CRUD his/her own records /objects. How should that be implemented?
This is an example:
def edit
@blog = Blog.find(params[:id])
end
def update
@blog = Blog.find(params[:id])
if @blog.update_attributes(params[:blog])
redirect_to :controller => 'blogs', :action => 'show', :id =>
@blog
else
render :action => 'edit'
end
end
Hope that any of you can help me out here. I am a bit stuck and been
working on this all weekend.
How do I check if a user is logged in and redirect to /login if not?
(for all actions in my messages controller)
Provided that you have
include AuthenticatedSystem
in either your MessagesController or your application.rb, you can use
before_filter :login_required
in every controller you need to limit to logged in users.
The authorization plugin has added a roles table, does anyone have an
example on how to use such a role? Should I add thoose roles from
mysql or the console?
I tend to add my basic roles either within a migration, or from a
short rake task. Generally I think its preferable not to work directly
in the database layer, because by circumventing Rails/ActiveRecord you
may lose out on validations and the like.
Or do you need examples how to manage roles from the web frontend?
What I am trying to do is very basic - the logged in user should only
CRUD his/her own records /objects. How should that be implemented?
This can often be done quite nicely with a before_filter that loads
the appropriate object, e.g assuming User has_one :blog :
before_filter :load_blog
protected
def load_blog
@blog = current_user.blog
end
and have all your other methods use @blog instead of their own
finders.