no_attribute_check

24 views
Skip to first unread message

matthias.nitsch

unread,
Oct 2, 2009, 4:54:11 AM10/2/09
to declarative_authorization
Hello guys,

i try to set no_attribute_check for a additional controller action
with following line:

filter_resource_access :additional_member
=> :activate, :no_attribute_check => :activate

But with this I get an error like this:

undefined method `include?' for :activate:Symbol

/usr/local/lib/ruby/gems/1.8/gems/stffn-
declarative_authorization-0.3.2.2/lib/declarative_authorization/
in_controller.rb:452:in `filter_resource_access'
/usr/local/lib/ruby/gems/1.8/gems/stffn-
declarative_authorization-0.3.2.2/lib/declarative_authorization/
in_controller.rb:451:in `each'
/usr/local/lib/ruby/gems/1.8/gems/stffn-
declarative_authorization-0.3.2.2/lib/declarative_authorization/
in_controller.rb:451:in `filter_resource_access'

Anybody knows something about this issue?

Thanks
Matthias

Steffen Bartsch

unread,
Oct 2, 2009, 5:07:58 AM10/2/09
to declarative_...@googlegroups.com
Am Freitag, 2. Oktober 2009 schrieb matthias.nitsch:
> filter_resource_access :additional_member
> => :activate, :no_attribute_check => :activate
>
> But with this I get an error like this:
>
> undefined method `include?' for :activate:Symbol
>
> Anybody knows something about this issue?

The documentation isn't explicit enough on that point, but :no_attribute_check
currently only accepts an Array. Be careful: it doesn't set additional
methods but overwrites the default list of methods without attribute checks.

Maybe the documentation helps:
http://www.tzi.org/~sbartsch/declarative_authorization/master/classes/Authorization/AuthorizationInController/ClassMethods.html#M000211

Actually, it would be nice to have an :additional_no_attribute_check option
here.

Steffen

matthias.nitsch

unread,
Oct 2, 2009, 5:18:03 AM10/2/09
to declarative_authorization


On 2 Okt., 11:07, Steffen Bartsch <sbart...@tzi.de> wrote:
> Am Freitag, 2. Oktober 2009 schrieb matthias.nitsch:
>
> > filter_resource_access :additional_member
> > => :activate, :no_attribute_check => :activate
>
> > But with this I get an error like this:
>
> > undefined method `include?' for :activate:Symbol
>
> > Anybody knows something about this issue?
>
> The documentation isn't explicit enough on that point, but :no_attribute_check
> currently only accepts an Array.  Be careful: it doesn't set additional
> methods but overwrites the default list of methods without attribute checks.
>
> Maybe the documentation helps:http://www.tzi.org/~sbartsch/declarative_authorization/master/classes...
>
> Actually, it would be nice to have an :additional_no_attribute_check option
> here.
>
> Steffen

Ok this solves the inlude error, but it still seems that the
attribute_check is performed:

Processing UsersController#activate (for 127.0.0.1 at 2009-10-02
11:13:00) [GET]
Parameters: {"action"=>"activate", "id"=>"Lu5cjHggq5P-AB1x5WpE",
"locale"=>"en", "controller"=>"users"}
User Load (1.7ms) SELECT * FROM "users" WHERE ("users"."id" = 0)

ActiveRecord::RecordNotFound (Couldn't find User with ID=Lu5cjHggq5P-
AB1x5WpE)

In my action i don't perform a query by id.
Message has been deleted

matthias.nitsch

unread,
Oct 2, 2009, 5:31:42 AM10/2/09
to declarative_authorization
Ok finally fixed it.

filter_resource_access :additional_member
=> :activate, :no_attribute_check => :activate

does not work.

filter_resource_access :no_attribute_check => :activate

works fine.

Matthias
Reply all
Reply to author
Forward
0 new messages