In rails session data is accessible only in controller. And thats how its meant to be according to MVC.
If you really need it in view you need to set an instance variable in controller and use it in view. But thats very bad and not supposed to be done. If you are accessing session data in views, i think you need to rethink your design to be more inline with mvc pattern.
In rails session data is accessible only in controller. And thats how its
meant to be according to MVC.
Really... based on the evidence of all the crappy apps I keep
inheriting, that's not correct. The session is perfectly accessible
from the views (although you're right - it *should* be avoided)
If you really need it in view you need to set an instance variable in
controller and use it in view.
If you look again at the code in the OP, you'll see it's trying to be
accessed as an instance variable - which almost certainly hasn't been
set.
If the OP wants to just change :
@session['user'].first_name
to
session['user'].first_name
...it may miraculously start working.
Two things...
a) Please don't store whole objects in session. It's really stinky.
Store the id, and reload it with each request.
b) Rather than the repetition of accessing session["user"] attributes
everywhere. Set a helper method in the application controller which
returns the current user (or use an authentication Gem that does it
for you)
Something like:
def current_user
@current_user ||= User.find(session[:user_id])
end
Then set up methods in your user class to manage permissions (to make
them easier to manage).
# user.rb
def has_admin_rights?
first_name == "admin"
end
...see how it makes the code in the view more "self documenting"...
Also, look at abstracting things like roles (admin, user, guest, etc)
and statuses (awaiting_validation, active, retired) to state machines
rather than "magic-number" text comparisons on first-name fields :-/