Hi,
I am following the excellent tutorial http://www.railsforum.com/viewtopic.php?id=14216 (post 5) on how to implement an access control feature i.e. only a friend is allowed to view a profile of a particular member. I am not using the restful authentication plugin as the author is using to implement the authentication feature (post 1) in the tutorial. All I am interested in is the post 5 where the author explains how to implement access control. I have created the friends table and followed post 5 step by step, unfortunately I am getting the following error when I try to attempt to run the "show" method. Some tips will really be helpful, many thanks in advance
error: stack level too deep usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:219:in `derive_class_name' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:106:in `class_name' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:129:in `klass' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:189:in `source_reflection' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:189:in `collect' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ reflection.rb:189:in `source_reflection' ... /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ associations.rb:1128:in `new' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ associations.rb:1128:in `pals' app/models/user.rb:17:in `has_pal?' app/controllers/users_controller.rb:20:in `show'
/models/user.rb
line 16: def has_pal?(pal) line 17: self.pals.find(pal) ? true : false Line 18: end
/controllers/users_controller.rb
Line 18: def show Line 19: @info = User.find(params[:id]) Line 20: unless current_user.has_pal?(@info) Line 21: redirect_to :controller => "users", :action => "index" Line 22: end Line 23: end
here is the full contents of the user model
require 'digest/sha1' class User < ActiveRecord::Base has_many :pals has_many :pals, :through => :pals # attr_accessor :password
validates_presence_of :username validates_presence_of :password validates_presence_of :password_confirmation validates_length_of :password, :within => 4..40 validates_confirmation_of :password validates_length_of :username, :within => 3..40 validates_length_of :email, :within => 3..100 validates_uniqueness_of :username, :email, :case_sensitive => false
def has_pal?(pal) # self.pals.find(pal) ? true : false end
#validate # errors.add_to_base("No password") if crypted_password.blank? # end
# Authenticates a user by their username name and unencrypted password. Returns the user or nil. def self.authenticate(username, crypted_password) login = find_by_username(username) # need to get the salt if login expected_password = encrypted_password(crypted_password, login.salt) if login.crypted_password != expected_password login = nil end end login end
def password @password end def password=(pw) @password = pw create_new_salt self.crypted_password = User.encrypted_password(self.password, self.salt) end
def remember_token? remember_token_expires_at && Time.now.utc < remember_token_expires_at end
# These create and unset the fields required for remembering users between browser closes def remember_me self.remember_token_expires_at = 2.weeks.from_now.utc self.remember_token = encrypt("#{email}-- #{remember_token_expires_at}") save(false) end
def forget_me self.remember_token_expires_at = nil self.remember_token = nil save(false) end
private # before filter def self.encrypted_password(password, salt) string_to_hash = "#{password}wibble"+ salt Digest::SHA1.hexdigest(string_to_hash) end
def create_new_salt self.salt = self.object_id.to_s + rand.to_s end end