i am using the acl_system plugin but am having problems when users try
to access restricted pages before they are logged in.
i have my before_filter :check_authentication before the access_control
line, but everytime i try to access a page without being logged in, i
get an error saying:
Well the acl_system plugin does its thing based on the current_user method. SO you really should only be using the access_control for pages that you are sure the users will be logged in for. The login action has to set the current_user for access_control to work. Can you paste your controller code? I can help make it work.
Well the acl_system plugin does its thing based on the
current_user method. SO you really should only be using the
access_control for pages that you are sure the users will be
logged in for. The login action has to set the current_user for
access_control to work.
sure, but when i ran across that very same problem, i decided that
acl_system should simply allow access if the user hasn't been logged
in yet:
---- snip ----
module Caboose::LogicParser
alias :original_process :process
def process(logicstring, context)
context[:user].nil? or original_process(logicstring, context)
end
end
---- snip ----
otherwise i wouldn't be able to protect my login controller (which
actually is an account controller) by acl_system.
I ran into this problem because i have emails sent out with links to
certain tasks, but it requires login in order to view them.
i store the intended url in a session variable and then redirect them
to that page once they are logged in so that they don't have to dig
through all of the tasks to find the one they were looking for.