[Rails] Re: Where is the best place to check whether it is admin or normal user logged in?

Ruby on Rails Tuesday, July 7, 2015

>Can you share the content of session_help.rb?

Yes no problem.
This is my session_helper.rb

module SessionsHelper
def log_in(user)
    session[:user_id] = user.id
  end
 
  def current_user
    @current_user ||= User.find_by(id: session[:user_id])
  end
 
  # Returns true if the given user is the current user.
  def current_user?(user)
    user == current_user
  end
 
  def logged_in?
    !current_user.nil?
  end
 
  # Redirects to stored location (or to the default).
  def redirect_back_or(default)
    redirect_to(session[:forwarding_url] || default)
    session.delete(:forwarding_url)
  end
 
  # Stores the URL trying to be accessed.
  def store_location
    session[:forwarding_url] = request.url if request.get?
  end
 
  def log_out
    session.delete(:user_id)
    @current_user = nil
    session.delete(:isitadmin)
  end
 
  def admin(role)
    session[:isitadmin] = role
  end
 
  def checkadmin
    admin?(session[:isitadmin])
  end
 
  def admin?(rolea)
   rolea == 1  
  end    
  end
end

 
This is my sessions_controller.rb file

def loginnow
    role = User.where(userid: params[:session][:userid]).pluck(:roleid)
    user = User.find_by(userid: params[:session][:userid])
    if user && user.authenticate(params[:session][:password])
      # Log the user in and redirect to the user's show page.
      admin role      
      log_in user
     
      if admin?(role)
        flash.now[:info] = 'You are logged in as Admin and your roleid is #{role}'
        redirect_to dashboard_index_path
        puts "*******************************************************************************************************"
        puts "The roleid is #{rolea} executed in if part"                
        puts "*******************************************************************************************************"
      else
        flash.now[:danger] = 'For some reason you are not recognized as Admin and the roleid is #{role}'
        redirect_to dashboard_index_path
        puts "*******************************************************************************************************"
        puts "The roleid is #{role} executed in else part"                
        puts "*******************************************************************************************************"
      end


>On creation of a new user, in your database users table, do you set a flag to indicate whether or not the user is admin, let's say the >field is 'is_admin' and 1 indicates admin >and 0 indicates not admin.

Instead of flag I have roleid field which will be 1 for admin, 2 for clerk, 3 for accountant etc
And rest of the code is similar to mine. Instead of accessing controller method, I am passing role id as parameters while calling model method. It is not the problem right now.
The problem is,
In the loginnow method of sessions_controller, If admin?(rolea) always go to else part. To find this out I used "puts" and whether the id is 2 or 1, always else part is executing.

****************************************************************************************************
The roleid is ["1"] executed in else part
****************************************************************************************************
Completed 302 Found in 340ms (ActiveRecord: 164.3ms)


****************************************************************************************************
The roleid is ["2"] executed in else part
****************************************************************************************************
Completed 302 Found in 80ms (ActiveRecord: 1.0ms)

I even changed admin?(role) and if admin?(role) like this.
def admin?(rolea)
    if rolea == 1
      return true
    else
      return false
    end    
  end

In sessions_controller 
if admin?(role) == true

But the result is same.

Finally I changed if to unless but now it always executes if part but not else part.

Help me with boolean function admin?(rolea). I don't know whats wrong.

-And I deleted the above response,  my kid startled me and I hit some wrong keys that caused a posting of an incomplete response.....

No problem. Thank you for helping me along with your personal responsibilities.

Thank you again. 

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/62abc6c5-7d4f-4949-b96e-4543eab27c04%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Posted by Ruby on Rails at 7:43 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)