Problem with blocking the user

Hi,
I have a problem with blocking user as follows:-

We have a Admin Panel from where Admin can block the user which is
working fine.
Suppose the user "test@abc.com" is login and he is doing spam on our
site. Then Admin has decided to block that user. Admin blocks that user
but the user hasn't logged out yet due to that he still can do Spam the
site.

How can I fix this? I do not want to add any filter for each request.

Is it possible to get the session of that spam user and then reset that?

Thanks

I don’t know if this is the correct way to do but you can add an “is_blocked” field in the user table whose default value is false. Then you can add a before_filter in the controller which validates the above field.

I do not want to use the filter. It will become an overhead for each and
every request. Is there any other way?

aash dhariya wrote in post #1066492:

What is current method you use to block the user?

Why don't you want to do the test in a filter? Presumably you are
already running a before_filter to check that the user is logged in,
just put the check in there. The overheads will be trivial. If you
are seriously worried about the overheads then just do the test on
actions that matter, such as sending the spam.

Colin

Set ‘session[:blocked]’ when they make their next post.

I’m not sure how your sessions are set up, but if done correctly you should be able to destroy the session (thus forcing the user to re-log in on next action). Given that their account has been disabled, the next login should also fail.

I'm not sure how your sessions are set up, but if done correctly you should
be able to destroy the session (thus forcing the user to re-log in on next
action). Given that their account has been disabled, the next login should
also fail.

The OP's problem is that he wants to destroy the session from the
admin operation rather than from an action invoked by the user who's
session it is.

Colin