
Untitled

a guest
Jul 16th, 2018
  1. ## Error
  2.  
  3. NoMethodError in UsersController#create
  4.  
  5. undefined method `authorizable=' for #<Role:0xb6da5320>
  6.  
  7. ## User Controller
  8.  
  9.  
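  # Manages the users of a single company; every action reads
  # params[:company_id], so the routes are expected to be nested under a
  # company.
  #
  # NOTE(review): unlike CompaniesController in this paste, no access_control
  # block or login filter is visible on this controller. If none is inherited
  # from ApplicationController, every action here (including role assignment
  # in #create) is reachable without authorization -- confirm and gate it.
  class UsersController < ApplicationController
    # Columns that must never leave the server in serialized output; both are
    # written by the User model's password= setter.
    XML_HIDDEN_ATTRIBUTES = [:hashed_password, :salt].freeze

    before_filter :load_company
    before_filter :load_user, :only => [:show, :edit, :update, :destroy]

    # GET /users
    # GET /users.xml
    def index
      @users = @company.users

      respond_to do |format|
        format.html # index.html.erb
        # Strip credential material before serializing.
        format.xml { render :xml => @users.to_xml(:except => XML_HIDDEN_ATTRIBUTES) }
      end
    end

    # GET /users/1
    # GET /users/1.xml
    #
    # @user is loaded through @company.users (see load_user), so an id that
    # belongs to another company raises RecordNotFound instead of being shown.
    def show
      respond_to do |format|
        format.html # show.html.erb
        format.xml { render :xml => @user.to_xml(:except => XML_HIDDEN_ATTRIBUTES) }
      end
    end

    # GET /users/new
    # GET /users/new.xml
    def new
      @user = @company.users.build(params[:user])

      respond_to do |format|
        format.html # new.html.erb
        format.xml { render :xml => @user.to_xml(:except => XML_HIDDEN_ATTRIBUTES) }
      end
    end

    # GET /users/1/edit
    #
    # @company and @user are provided by the before filters.
    def edit
    end

    # POST /users
    # POST /users.xml
    #
    # Saves the user first and grants the requested role afterwards, inside one
    # transaction, so a failure while granting the role does not leave a
    # half-created account behind.
    def create
      @user = @company.users.build(params[:user])

      saved = false
      User.transaction do
        saved = @user.save
        grant_requested_role(@user) if saved
      end

      respond_to do |format|
        if saved
          # NOTE(review): username is user-supplied; make sure the layout
          # escapes flash output (h()) when printing it.
          flash[:notice] = "User #{@user.username} was successfully created."
          format.html { redirect_to(:action =>'index') }
          format.xml do
            render :xml => @user.to_xml(:except => XML_HIDDEN_ATTRIBUTES),
                   :status => :created, :location => @user
          end
        else
          format.html { render :action => "new" }
          format.xml { render :xml => @user.errors,
                              :status => :unprocessable_entity }
        end
      end
    end

    # PUT /users/1
    # PUT /users/1.xml
    #
    # Updates the existing record found by load_user (the previous code built a
    # brand-new user here, so nothing was ever updated).
    def update
      respond_to do |format|
        if @user.update_attributes(params[:user])
          # Double quotes are required for the #{} interpolation to happen.
          flash[:notice] = "User #{@user.username} was successfully updated."
          format.html { redirect_to(:action =>'index') }
          format.xml { head :ok }
        else
          format.html { render :action => "edit" }
          format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
        end
      end
    end

    # DELETE /users/1
    # DELETE /users/1.xml
    #
    # Destroys the existing record found by load_user. The User model raises
    # from after_destroy when the last user is removed; that message is shown
    # to the caller via flash.
    def destroy
      begin
        @user.destroy
        flash[:notice] = "User #{@user.username} deleted"
      rescue StandardError => e
        # StandardError, not Exception: signals and exit requests must not be
        # swallowed and turned into a flash message.
        flash[:notice] = e.message
      end

      respond_to do |format|
        format.html { redirect_to(users_url) }
        format.xml { head :ok }
      end
    end

    private

    # Loads the company named in the URL; raises RecordNotFound if absent.
    def load_company
      @company = Company.find(params[:company_id])
    end

    # Loads the user through the company association so that ids belonging to
    # other companies cannot be read, changed or deleted from this URL.
    def load_user
      @user = @company.users.find(params[:id])
    end

    # Translates the user's "role" attribute into an authorization role.
    #
    # NOTE(review): user.role is filled from params[:user] by mass assignment,
    # so the requester chooses the privilege level, including the global
    # :admin role. Restrict which roles the current user may hand out before
    # relying on this.
    #
    # NOTE(review): the NoMethodError quoted at the top of this paste
    # (undefined method `authorizable=' for Role) comes from has_role! being
    # called with an object; the Role model is not shown -- presumably it lacks
    # the polymorphic authorizable association (acts_as_authorization_role).
    # Confirm against the Role model.
    def grant_requested_role(user)
      case user.role
      when "Admin"     then user.has_role!(:admin)
      when "Corporate" then user.has_role!(:corporate, @company)
      when "Regional"  then user.has_role!(:regional, @company)
      end
    end
  end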
  131.  
  132.  
  133. ## User Model
  134.  
  require "digest/sha1"
  require "securerandom"
  136.  
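  # Account record with salted password hashing and role support through
  # acts_as_authorization_subject.
  #
  # NOTE(review): no attr_accessible/attr_protected is declared, and the
  # controllers pass params[:user] straight to build/update_attributes, so
  # role, company_id, salt and hashed_password are all mass-assignable.
  # Whitelist the attributes a form may set.
  class User < ActiveRecord::Base
    acts_as_authorization_subject

    belongs_to :company

    validates_presence_of :username
    validates_uniqueness_of :username

    attr_accessor :password_confirmation
    validates_confirmation_of :password

    validate :password_non_blank

    #def has_role?(role_name, obj=nil)
    #super unless obj.class == Region or obj.class == Location
    #return company.region == obj if obj.class == Region
    #return company.location == obj if obj.class == Location
    #end

    # Looks a user up by name and checks the supplied password.
    #
    # @param username [String] login name
    # @param password [String] clear-text password to verify
    # @return [User, nil] the matching user, or nil when the name is unknown
    #   or the password does not match
    def self.authenticate(username, password)
      user = find_by_username(username)
      return nil unless user

      expected_password = encrypted_password(password, user.salt)
      secure_compare(user.hashed_password, expected_password) ? user : nil
    end

    # Compares two strings without stopping at the first differing byte, so
    # the comparison time does not reveal how much of the digest matched.
    def self.secure_compare(left, right)
      left_bytes = left.to_s.unpack("C*")
      right_bytes = right.to_s.unpack("C*")
      return false unless left_bytes.length == right_bytes.length

      difference = 0
      left_bytes.each_with_index { |byte, i| difference |= byte ^ right_bytes[i] }
      difference.zero?
    end
    private_class_method :secure_compare

    # Callback: refuses to leave the system without any user. Raising here
    # propagates to the caller of destroy.
    def after_destroy
      if User.count.zero?
        raise "Can't delete last user"
      end
    end

    # 'password' is a virtual attribute; only its salted digest is stored.
    def password
      @password
    end

    # Stores the clear-text value on the instance and, when it is not blank,
    # generates a fresh salt and writes the resulting digest.
    def password=(pwd)
      @password = pwd
      return if pwd.blank?
      create_new_salt
      self.hashed_password = User.encrypted_password(self.password, self.salt)
    end

    private

    # Validation: a record without a stored digest has no usable password.
    def password_non_blank
      errors.add(:password, "Missing Password") if hashed_password.blank?
    end

    # Draws the salt from the OS CSPRNG instead of object_id + rand, both of
    # which are predictable. Produces 32 hex characters.
    # NOTE(review): confirm the salt column is at least 32 characters wide.
    def create_new_salt
      self.salt = SecureRandom.hex(16)
    end

    # Returns the hex SHA-1 of password + fixed string + salt.
    #
    # `private` above does not apply to `def self.` methods, so this stays a
    # public class method; password= relies on that when it calls
    # User.encrypted_password with an explicit receiver.
    #
    # NOTE(review): a single round of salted SHA-1 is cheap to brute-force
    # once the table leaks. The algorithm is left unchanged here so existing
    # hashed_password values keep verifying; plan a migration to a slow
    # password hash (bcrypt, scrypt or PBKDF2) with re-hash on next login.
    def self.encrypted_password(password, salt)
      # to_s keeps a nil password or salt from raising NoMethodError on `+`.
      string_to_hash = password.to_s + "wibble" + salt.to_s
      Digest::SHA1.hexdigest(string_to_hash)
    end
  end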
  201.  
  202.  
  203. ## Company Controller
  204.  
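  # CRUD for companies, guarded by an access_control block: :admin may do
  # everything, :corporate only acts on the company it holds the role for.
  class CompaniesController < ApplicationController
    # Only member actions carry params[:id]. Running load_company for new and
    # create made Company.find raise RecordNotFound before the action ran.
    before_filter :load_company, :only => [:show, :edit, :update, :destroy]

    # NOTE(review): "create" and "new" remain in the corporate rule as
    # written, but @company is not set for those actions, so the rule has no
    # object to check the role against. Confirm how the authorization library
    # treats a nil object; creating companies is presumably admin-only.
    access_control do
      allow :admin
      allow :corporate, :of => :company, :to => ["show", "edit", "update", "create", "new", "destroy"]
    end

    # GET /companies
    # GET /companies.xml
    def index
      @companies = Company.find(:all)

      respond_to do |format|
        format.html # index.html.erb
        format.xml { render :xml => @companies }
      end
    end

    # GET /companies/1
    # GET /companies/1.xml
    def show
      respond_to do |format|
        format.html # show.html.erb
        format.xml { render :xml => @company }
      end
    end

    # GET /companies/new
    # GET /companies/new.xml
    def new
      @company = Company.new

      respond_to do |format|
        format.html # new.html.erb
        format.xml { render :xml => @company }
      end
    end

    # GET /companies/1/edit
    #
    # @company is provided by load_company.
    def edit
    end

    # POST /companies
    # POST /companies.xml
    #
    # NOTE(review): params[:company] is mass-assigned; the Company model shown
    # in this paste declares no attr_accessible, so every column is settable
    # from the request.
    def create
      @company = Company.new(params[:company])

      respond_to do |format|
        if @company.save
          flash[:notice] = 'Company was successfully created.'
          format.html { redirect_to(@company) }
          format.xml { render :xml => @company, :status => :created, :location => @company }
        else
          format.html { render :action => "new" }
          format.xml { render :xml => @company.errors, :status => :unprocessable_entity }
        end
      end
    end

    # PUT /companies/1
    # PUT /companies/1.xml
    def update
      respond_to do |format|
        if @company.update_attributes(params[:company])
          flash[:notice] = 'Company was successfully updated.'
          format.html { redirect_to(@company) }
          format.xml { head :ok }
        else
          format.html { render :action => "edit" }
          format.xml { render :xml => @company.errors, :status => :unprocessable_entity }
        end
      end
    end

    # DELETE /companies/1
    # DELETE /companies/1.xml
    def destroy
      @company.destroy

      respond_to do |format|
        format.html { redirect_to(companies_url) }
        format.xml { head :ok }
      end
    end

    private

    # Loads the company addressed by the URL so that both the action and the
    # :of => :company rule above can refer to @company.
    def load_company
      @company = Company.find(params[:id])
    end
  end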
  301.  
  302.  
  303. ## Company Model
  304.  
  305.  
  # A company owns users and regions, and reaches its locations through those
  # regions.
  class Company < ActiveRecord::Base
    # Makes a company usable as the object of a role; the users controller
    # grants :corporate and :regional on a specific company.
    acts_as_authorization_object

    has_many(:users)
    has_many(:regions)
    has_many(:locations, :through => :regions)
  end
  312.  
  313.  
  314. ## Application Controller
  315.  
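  # Returns the logged-in user for this request, or nil for an anonymous
  # visitor.
  #
  # find_by_id is used instead of find so that a missing or stale
  # session[:user_id] yields nil rather than raising RecordNotFound on every
  # page an anonymous visitor opens. The result is memoized once a user has
  # been found.
  def current_user
    @current_user ||= User.find_by_id(session[:user_id])
  end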