Problem with blocking the user

Hi,
I have a problem with blocking user as follows:-

We have a Admin Panel from where Admin can block the user which is
working fine.
Suppose the user “[email protected]” is login and he is doing spam on our
site. Then Admin has decided to block that user. Admin blocks that user
but the user hasn’t logged out yet due to that he still can do Spam the
site.

How can I fix this? I do not want to add any filter for each request.

Is it possible to get the session of that spam user and then reset that?

Thanks

I do not want to use the filter. It will become an overhead for each and
every request. Is there any other way?

aash dhariya wrote in post #1066492:

I don’t know if this is the correct way to do but you can add an
“is_blocked” field in the user table whose default value is false. Then
you
can add a before_filter in the controller which validates the above
field.

On Thu, Jun 28, 2012 at 1:05 PM, Tushar G. [email protected]
wrote:

How can I fix this? I do not want to add any filter for each request.
“Ruby on Rails: Talk” group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en-US.


Thanks,
Aash

I don’t know if this is the correct way to do but you can add an
“is_blocked” field in the user table whose default value is false. Then
you
can add a before_filter in the controller which validates the above
field.

On Thu, Jun 28, 2012 at 1:05 PM, Tushar G. [email protected]
wrote:

How can I fix this? I do not want to add any filter for each request.
“Ruby on Rails: Talk” group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en-US.


Thanks,
Aash

What is current method you use to block the user?

On Thu, Jun 28, 2012 at 2:34 PM, Tushar G. [email protected]
wrote:


You received this message because you are subscribed to the Google G.
“Ruby on Rails: Talk” group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en-US.


Thanks,
Aash

I’m not sure how your sessions are set up, but if done correctly you
should
be able to destroy the session (thus forcing the user to re-log in on
next
action). Given that their account has been disabled, the next login
should
also fail.

On 28 June 2012 19:31, Alex [email protected] wrote:

I’m not sure how your sessions are set up, but if done correctly you should
be able to destroy the session (thus forcing the user to re-log in on next
action). Given that their account has been disabled, the next login should
also fail.

The OP’s problem is that he wants to destroy the session from the
admin operation rather than from an action invoked by the user who’s
session it is.

Colin

On 28 June 2012 08:35, Tushar G. [email protected] wrote:

How can I fix this? I do not want to add any filter for each request.
Why don’t you want to do the test in a filter? Presumably you are
already running a before_filter to check that the user is logged in,
just put the check in there. The overheads will be trivial. If you
are seriously worried about the overheads then just do the test on
actions that matter, such as sending the spam.

Colin