Friday, December 23, 2011
On Fri, Dec 23, 2011 at 2:41 PM, Michael Pavling <pavling@gmail.com> wrote:
On 23 December 2011 07:19, Gomzi Pai <gomzi.pai@gmail.com> wrote:Really... based on the evidence of all the crappy apps I keep
> In rails session data is accessible only in controller. And thats how its
> meant to be according to MVC.
inheriting, that's not correct. The session is perfectly accessible
from the views (although you're right - it *should* be avoided)
If you look again at the code in the OP, you'll see it's trying to be
> If you really need it in view you need to set an instance variable in
> controller and use it in view.
accessed as an instance variable - which almost certainly hasn't been
set.
If the OP wants to just change :
@session['user'].first_name
to
session['user'].first_name
...it may miraculously start working.
Two things...
a) Please don't store whole objects in session. It's really stinky.
Store the id, and reload it with each request.
b) Rather than the repetition of accessing session["user"] attributes
everywhere. Set a helper method in the application controller which
returns the current user (or use an authentication Gem that does it
for you)
Something like:
def current_user
@current_user ||= User.find(session[:user_id])
end
Then set up methods in your user class to manage permissions (to make
them easier to manage).
# user.rb
def has_admin_rights?
first_name == "admin"
end
# view
<%if current_user.has_admin_rights? %>
<table width="290" border="0" height="20" align="right"...see how it makes the code in the view more "self documenting"...
cellspacing="0" cellpadding="0">
Also, look at abstracting things like roles (admin, user, guest, etc)
and statuses (awaiting_validation, active, retired) to state machines
rather than "magic-number" text comparisons on first-name fields :-/
HTH
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
thanks Michael for responding,my question is how that http session is set in ruby on rail ?
because in following code '@session' is coming nil :
<%if @session != nil%>
<table width="250" border="0" height="20" align="right" cellspacing="0" cellpadding="0">
<%else%>
<%if @session['user'].first_name == "admin"%>
<table width="290" border="0" height="20" align="right" cellspacing="0" cellpadding="0">
<%end%>
<%end%>
--
Thanks and Regards
Sachin S. Kewale
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment