Leonel,
Sorry, I have been of the line for sometime. I haven’t followed this
mail
thread, but I had already answered your problem last Friday, so I just
send
it through. I hope my contribution will still be of good help.
Le 14 octobre 2010 18:27:44 UTC+2, Leonel . [email protected] a
crit
:
before_filter :authorize
redirect_to login_url, :notice => “Please log in”
I’m not sure what 'cause I’m a newbie but I’m searching for the answer.
The error means that you are accessing an “account” attribute of a nil
user.
Allow me to provide a little bit of a tutorial.
Of course, I see “protect_from_forgery” method, but let me assume that
I
don’t see it.
In general, any code that is not in a method is generally executed as
Ruby
goes parses the script. As most languages do, Ruby too executes every
script
sequentially from top to bottom (unless there are conditions to change
the
order). Suppose we have the following:
statement_1
def my_method
some_code
end
statement_2
statement_3
my_method # call to my method
Then Ruby will execute statement_1, statement_2, statement_3 and the
calls
the method my_method. It just “skips” the method declaration (if
seasoned
programmers allow me to say so).
Now, in you code, I believe that at the point you are finding the User,
session[:user_id] is still null. In order to prove it, try to raise the
session variable before this @user_id =
User.find_by_id(session[:user_id]).
Thus try, this:
raise “The id of the current user is #{session[:user_id]} . Hip-hop
Hooray!!!”
@user_id = User.find_by_id(session[:user_id])
If the user id exists in session[:user_id] it will be printed out. If it
gets printed out, make sure that it matches the user_id you have put in
session.
I haven’t tested you code for this, but I hypothesize that the
session[:user_id] will not be printed out.
Now, What do you need to get it right?
I would suggest that the following possible idea. I notice you have
before_filter: authorize. in your authorize method after authenticating
the
user, put the user id in session. Look out for consistency
(session[:user_id] may not equal to session[“user_id”])!!! Here is my
sample
code!!!
Notice where I am initiating session[:user_id].
def login
session[:user_id] = nil
if request.post?
username = params[:user][:username]
password = params[:user][:password]
user = User.authenticate(username, password)
if user
session[:user_id] = user.id
else
flash[:notice] = "Invalid user/password combination"
end
end
end
Now you are safe to use session[:user_id] as follows (You may place this
code in the index method of your ApplicationController):
@company_name = User.find(session[:user_id]).account.name unless
(session[:user_id].empty?)
You can also take advantage of the “if user” block statement above
(since it
is execute if an only if the user is authenticated), find the user’s
account
and just keep the account name in session (It might not be a good
programming practice, but it can save a lot. This is just my
recommendation!!).
Edmond
Software Developer | Baobab Health Trust (http://www.baobabhealth.org/)
|
Malawi
Cell: +265 999 465 137 | +265 881 234 717
*“Leading the Improvement of Health through Information and
Communication
Technology in the Developing World” The *Creed of *Baobab Health
*