Forum: Ruby on Rails Model Security

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
has.sox (Guest)
on 2005-11-12 12:49
(Received via mailing list)
Hi anyone,

Sorri to bring a purley Model Security question on this list but I can't
find anywhere to bring this up on the Model Security project page.

I've found a bug (I think) in the Model Security generator but I'm not
sure... I'm pretty noob and I could just be missing something.

I've got a require_admin in my controller. When I log in as a non admin,
and
try a task that is protected, I get thrown back to the login page as I
expected. However, what I didn't expect was when I try to log in as the
same
non admin user (or probably a different one) I can't get past the login
screen. It seems that Model Security tries to take me back to the
operation
that it balked at last time, sees that I'm not an admin and throws me
back
to the login.

Is there anyone else that has experienced this? If there is, how do I
fix
it?

Any help would be great....

PS is there any thoughts of making Model Security into a Plugin or
Engine?
This topic is locked and can not be replied to.