Hi,
I have a problem with blocking user as follows:-
We have a Admin Panel from where Admin can block the user which is
working fine.
Suppose the user “[email protected]” is login and he is doing spam on our
site. Then Admin has decided to block that user. Admin blocks that user
but the user hasn’t logged out yet due to that he still can do Spam the
site.
How can I fix this? I do not want to add any filter for each request.
Is it possible to get the session of that spam user and then reset that?
I do not want to use the filter. It will become an overhead for each and
every request. Is there any other way?
aash dhariya wrote in post #1066492:
I don’t know if this is the correct way to do but you can add an
“is_blocked” field in the user table whose default value is false. Then
you
can add a before_filter in the controller which validates the above
field.
I don’t know if this is the correct way to do but you can add an
“is_blocked” field in the user table whose default value is false. Then
you
can add a before_filter in the controller which validates the above
field.
I’m not sure how your sessions are set up, but if done correctly you
should
be able to destroy the session (thus forcing the user to re-log in on
next
action). Given that their account has been disabled, the next login
should
also fail.
I’m not sure how your sessions are set up, but if done correctly you should
be able to destroy the session (thus forcing the user to re-log in on next
action). Given that their account has been disabled, the next login should
also fail.
The OP’s problem is that he wants to destroy the session from the
admin operation rather than from an action invoked by the user who’s
session it is.
How can I fix this? I do not want to add any filter for each request.
Why don’t you want to do the test in a filter? Presumably you are
already running a before_filter to check that the user is logged in,
just put the check in there. The overheads will be trivial. If you
are seriously worried about the overheads then just do the test on
actions that matter, such as sending the spam.
Colin
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.