http session nil

hi all,
i am new in ruby on rails,i have one issue regarding the session in ruby on rails.I am using session , i have following condition in my rhtml

<%if @session[‘user’].first_name == “admin”%>

but this ‘session’ is coming nil.i tried by setting

config.action_controller.session = { :key => “_suggestica_admin_session”, :secret => “80a6825007749a785439ca8d3ff54ac37a16acefea4788fa8c9ac8e69aef11eb7f3b06ab6e8d4a0e5023fb8e8a22ea197ee74828e16d8ab7e3e130fd0da7bea5” }

this in environment.rb also tried setting value in session_store.rb

ActionController::Base.session = {
:key => ‘_suggestica_admin_session’,
:secret => ‘35659c1f21207ecfeaf30aa32b72c717158eae4c41e665b7a31b26fc021890be31c8ed961cf695384030d34e3f3d0c8788d4733aac393e4003e077317c930b57’
}

but this also didn’t work

can any one know how to set the session for Rails 2.3.11 and gem version:1.6.2 and Ruby 1.8.7 on Windows as O.S

In rails session data is accessible only in controller. And thats how its meant to be according to MVC.

If you really need it in view you need to set an instance variable in controller and use it in view. But thats very bad and not supposed to be done. If you are accessing session data in views, i think you need to rethink your design to be more inline with mvc pattern.

Gautam Pai

thanks Gautam for your reply.
can you tell , how to set that session in where ?

In rails session data is accessible only in controller. And thats how its
meant to be according to MVC.

Really... based on the evidence of all the crappy apps I keep
inheriting, that's not correct. The session is perfectly accessible
from the views (although you're right - it *should* be avoided)

If you really need it in view you need to set an instance variable in
controller and use it in view.

If you look again at the code in the OP, you'll see it's trying to be
accessed as an instance variable - which almost certainly hasn't been
set.
If the OP wants to just change :
  @session['user'].first_name
to
  session['user'].first_name

...it may miraculously start working.

Two things...

a) Please don't store whole objects in session. It's really stinky.
Store the id, and reload it with each request.
b) Rather than the repetition of accessing session["user"] attributes
everywhere. Set a helper method in the application controller which
returns the current user (or use an authentication Gem that does it
for you)
Something like:
  def current_user
     @current_user ||= User.find(session[:user_id])
  end

Then set up methods in your user class to manage permissions (to make
them easier to manage).
  # user.rb
  def has_admin_rights?
    first_name == "admin"
  end

  # view
  <%if current_user.has_admin_rights? %>
            <table width="290" border="0" height="20" align="right"
cellspacing="0" cellpadding="0">

...see how it makes the code in the view more "self documenting"...

Also, look at abstracting things like roles (admin, user, guest, etc)
and statuses (awaiting_validation, active, retired) to state machines
rather than "magic-number" text comparisons on first-name fields :-/

HTH

thanks Michael for responding,my question is how that http session is set in ruby on rail ?
because in following code ‘@session’ is coming nil :

<%if @session != nil%>


<%else%>
<%if @session[‘user’].first_name == “admin”%>
      <table width="290" border="0" height="20" align="right" cellspacing="0" cellpadding="0">
   <%end%>

<%end%>

As I said.... "session" is *not* an instance variable. So remove the "@" sign...

thanks Michael,really thanks it solved my problem.