User stamping and Authlogic

rubyonrails-talk
1

[I originally posted this to the Authlogic group, but since it's more of a general Rails issue, I'm reposting it here. Since I wrote the original, I've been leaning more toward using Thread.current.]

Hi folks.

I have what seems like a common problem, but I can't seem to find a good answer to how to do this with Authlogic. I'm writing a medical records application, so I need a userstamped audit trail of changes to each record and association. Oddly enough, none of the versioning plugins for Rails take care of both the user stamping and the association versioning, so my plan at the moment is to use acts_as_revisable. I can figure out how to get everything done -- except make the current user available to the model so that the version plugin can see it. As far as I can tell, there are the following options:

* Have the model belong to User: won't work in my use case, because each revision could be made by a different user. * Have a before_filter assign to User.current_user: seems simple, and I've done it that way in the past, but I understand that this can run into concurrency issues, so I'm not eager to do it this way again. * Have a before_filter put the current user into Thread.current, so that the whole app can see it: again, looks great, but I'm not sure how to clean up Thread.current at the end of the request. * Call UserSession.find directly in the model: sounds wonderfully simple, but will it work?

What should I do here?

Best,

2

I've been pondering how to do user stamping lately too, event though I dont need to keep a trail like you do. I dont want to make current_user available to all models, and I dont want to use Thread.current. I've been thinking about using this: http://railstips.org/blog/archives/2008/10/17/who-done-what-a-k-a-user-stamping/

"Eventually, we decided on a sweeper as they have access to controllers which would have access to the current user"

Maybe that solution gives you some ideas?

3

Sharagoz -- wrote:

I've been pondering how to do user stamping lately too, event though I dont need to keep a trail like you do. I dont want to make current_user available to all models, and I dont want to use Thread.current. I've been thinking about using this: Who Done What? a.k.a. User Stamping // RailsTips by John Nunemaker

"Eventually, we decided on a sweeper as they have access to controllers which would have access to the current user"

Maybe that solution gives you some ideas?

Thanks for pointing me back to that. I'd looked at that page briefly, but not really read it in detail. I think that if I add an updated_by field to my model, I should be able to use that plugin out of the box along with my version control gem (probably acts_as_revisable).

Best,