- ## Error
- NoMethodError in UsersController#create
- undefined method `authorizable=' for #<Role:0xb6da5320>
- ## User Controller
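# Manages the users that belong to one company. The company is always looked up
# from params[:company_id] (presumably a nested route; routes are not shown).
#
# NOTE(review): unlike CompaniesController, this controller declares no
# access_control block and no filter, so nothing visible here limits who may
# list, create, change or delete users. Confirm that ApplicationController
# enforces authentication and authorization before exposing these actions.
class UsersController < ApplicationController
  # Columns that must never be serialized into an API response.
  CREDENTIAL_COLUMNS = [:hashed_password, :salt].freeze

  # GET /users
  # GET /users.xml
  def index
    @company = Company.find(params[:company_id])
    @users = @company.users

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => without_credentials(@users) }
    end
  end

  # GET /users/1
  # GET /users/1.xml
  def show
    @company = Company.find(params[:company_id])
    # Look the user up through the company so an id that belongs to another
    # company is not found, instead of being returned to the caller.
    @user = @company.users.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => without_credentials(@user) }
    end
  end

  # GET /users/new
  # GET /users/new.xml
  def new
    @company = Company.find(params[:company_id])
    @user = @company.users.build(params[:user])

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => without_credentials(@user) }
    end
  end

  # GET /users/1/edit
  def edit
    # The edit view (also re-rendered by #update on failure) needs both records.
    @company = Company.find(params[:company_id])
    @user = @company.users.find(params[:id])
  end

  # POST /users
  # POST /users.xml
  def create
    @company = Company.find(params[:company_id])
    @user = @company.users.build(params[:user])
    grant_requested_role

    respond_to do |format|
      # Save the record being created; its company is already persisted.
      if @user.save
        flash[:notice] = "User #{@user.username} was successfully created."
        format.html { redirect_to(:action => 'index') }
        format.xml do
          render :xml => without_credentials(@user), :status => :created, :location => @user
        end
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/1
  # PUT /users/1.xml
  def update
    @company = Company.find(params[:company_id])
    # Update the existing record; building a new one here would insert a
    # second user instead of changing the one named in the URL.
    @user = @company.users.find(params[:id])

    respond_to do |format|
      if @user.update_attributes(params[:user])
        # Double quotes are required for the username to be interpolated.
        flash[:notice] = "User #{@user.username} was successfully updated."
        format.html { redirect_to(:action => 'index') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.xml
  def destroy
    @company = Company.find(params[:company_id])
    # Destroy the stored record named in the URL, scoped to this company.
    @user = @company.users.find(params[:id])

    begin
      @user.destroy
      flash[:notice] = "User #{@user.username} deleted"
    rescue StandardError => e
      # StandardError covers the "Can't delete last user" raise in the model
      # without swallowing signals or exit requests as `rescue Exception` did.
      # NOTE(review): e.message is shown to the user verbatim; any other error
      # text raised during destroy is disclosed as well.
      flash[:notice] = e.message
    end

    respond_to do |format|
      format.html { redirect_to(users_url) }
      format.xml  { head :ok }
    end
  end

  private

  # Grants the role named by @user.role, as the original inline checks did.
  #
  # NOTE(review): @user.role arrives through params[:user] mass assignment, so
  # the caller of #create picks the privilege level, including "Admin". No
  # check on the requesting user is visible in this controller.
  #
  # NOTE(review): the NoMethodError quoted at the top of this paste
  # ("authorizable=" on Role) is presumably raised from the object-scoped
  # has_role! calls below; the Role model is not shown, so confirm that it
  # declares the polymorphic authorizable association.
  def grant_requested_role
    case @user.role
    when "Admin"     then @user.has_role!(:admin)
    when "Corporate" then @user.has_role!(:corporate, @company)
    when "Regional"  then @user.has_role!(:regional, @company)
    end
  end

  # Serializes a user or a list of users without the password hash and salt,
  # which the default XML rendering of the record would include.
  def without_credentials(records)
    records.to_xml(:except => CREDENTIAL_COLUMNS)
  end
end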
- ## User Model
require "digest/sha1"
require "securerandom"
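# Account record: belongs to a company, is an authorization subject, and stores
# its password as a salted SHA-1 digest in hashed_password / salt.
#
# NOTE(review): a single round of SHA-1 is a fast hash and is not suitable for
# password storage. Migrating to an adaptive password hash such as bcrypt needs
# a new dependency and a re-hash-on-login plan, so it is flagged here rather
# than changed in place.
class User < ActiveRecord::Base
  acts_as_authorization_subject
  belongs_to :company

  validates_presence_of :username
  validates_uniqueness_of :username

  attr_accessor :password_confirmation
  validates_confirmation_of :password
  validate :password_non_blank

  # The stored credential is derived in password=; it must not be settable
  # directly from request parameters passed to build / update_attributes.
  # NOTE(review): `role` stays mass-assignable because UsersController#create
  # reads it from the submitted form.
  attr_protected :hashed_password, :salt

  # 'password' is a virtual attribute
  attr_reader :password

  # Disabled override kept from the original paste:
  #def has_role?(role_name, obj=nil)
  #super unless obj.class == Region or obj.class == Location
  #return company.region == obj if obj.class == Region
  #return company.location == obj if obj.class == Location
  #end

  # Returns the user matching username and password, or nil.
  #
  # A blank password can never match (password= does not hash blank values),
  # so it is rejected up front instead of raising on nil input.
  def self.authenticate(username, password)
    return nil if password.blank?

    user = find_by_username(username)
    return nil unless user

    user.hashed_password == encrypted_password(password, user.salt) ? user : nil
  end

  # Hex SHA-1 digest of password + fixed string + salt.
  #
  # Defined above `private` on purpose: `private` does not apply to methods
  # defined with `def self.`, and password= calls this with an explicit
  # receiver, so it has always been public.
  def self.encrypted_password(password, salt)
    # to_s keeps a nil password or a row without a salt from raising.
    Digest::SHA1.hexdigest(password.to_s + "wibble" + salt.to_s)
  end

  # Raises once the final user row has been removed; the caller
  # (UsersController#destroy) rescues the error and shows its message.
  def after_destroy
    raise "Can't delete last user" if User.count.zero?
  end

  # Stores the plain value for validation and, unless it is blank, generates a
  # fresh salt and the matching digest.
  def password=(pwd)
    @password = pwd
    return if pwd.blank?

    create_new_salt
    self.hashed_password = User.encrypted_password(password, salt)
  end

  private

  def password_non_blank
    errors.add(:password, "Missing Password") if hashed_password.blank?
  end

  # Draws the salt from the system CSPRNG; the previous object_id + rand value
  # was built from non-cryptographic sources.
  def create_new_salt
    self.salt = SecureRandom.hex(16)
  end
end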
- ## Company Controller
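# CRUD for companies, restricted by role through the access_control block.
class CompaniesController < ApplicationController
  # Only member actions carry params[:id]. Running load_company for :new and
  # :create made Company.find raise on the missing id, so those two actions
  # could never be reached. The filter is declared before access_control,
  # presumably so @company is set when the role check runs.
  before_filter :load_company, :only => [:show, :edit, :update, :destroy]

  access_control do
    allow :admin
    # The corporate role is scoped to an existing company, so it is limited to
    # member actions; for new/create there is no @company to hold a role on.
    # NOTE(review): this leaves company creation to :admin only; confirm that
    # matches the intended policy.
    allow :corporate, :of => :company, :to => ["show", "edit", "update", "destroy"]
  end

  # GET /companies
  # GET /companies.xml
  def index
    @companies = Company.find(:all)

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @companies }
    end
  end

  # GET /companies/1
  # GET /companies/1.xml
  def show
    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @company }
    end
  end

  # GET /companies/new
  # GET /companies/new.xml
  def new
    @company = Company.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @company }
    end
  end

  # GET /companies/1/edit
  def edit
    # @company is provided by load_company.
  end

  # POST /companies
  # POST /companies.xml
  def create
    @company = Company.new(params[:company])

    respond_to do |format|
      if @company.save
        flash[:notice] = 'Company was successfully created.'
        format.html { redirect_to(@company) }
        format.xml  { render :xml => @company, :status => :created, :location => @company }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @company.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /companies/1
  # PUT /companies/1.xml
  def update
    respond_to do |format|
      if @company.update_attributes(params[:company])
        flash[:notice] = 'Company was successfully updated.'
        format.html { redirect_to(@company) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @company.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /companies/1
  # DELETE /companies/1.xml
  def destroy
    @company.destroy

    respond_to do |format|
      format.html { redirect_to(companies_url) }
      format.xml  { head :ok }
    end
  end

  private

  # Loads the company named by params[:id] into @company for member actions.
  def load_company
    @company = Company.find(params[:id])
  end
end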
- ## Company Model
# A company is the object that company-scoped roles are granted on
# (see has_role!(:corporate, @company) in UsersController#create).
class Company < ActiveRecord::Base
  # Lets roles be attached to individual company records.
  acts_as_authorization_object

  # Accounts and regions owned directly by the company.
  has_many :users
  has_many :regions

  # Locations are reached through the company's regions.
  has_many :locations, :through => :regions
end
- ## Application Controller
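# Returns the signed-in user, or nil when the session holds no user id or the
# id no longer matches a row.
#
# find_by_id is used instead of find so an anonymous request or a stale
# session yields nil rather than raising ActiveRecord::RecordNotFound; the
# access checks can then treat the request as unauthenticated.
def current_user
  @current_user ||= User.find_by_id(session[:user_id])
end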