I'm trying to get the permit method to work using the rails-authorization-plugin and authlogic, and I keep running into this error:

When I try:

class ApplicationController < ActionController::Base
  ...
  before_filter permit 'admin'
  ...

I get this:

Authorization::CannotObtainUserObject in HomeController#index
Couldn't find #current_user or @user, and nothing appropriate found in hash

Now I do have my current_user method set up, and it works, because I used it just about everywhere else in my app:

class ApplicationController < ActionController::Base
  ...

  helper_method :current_user

  private

  def current_user_session
    return @current_user_session if defined?(@current_user_session)
    @current_user_session = UserSession.find
  end

  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.record
  end

  ...

I also know that I have users with the appropriate roles in my database, because this method works:

def require_admin
   unless current_user.is_admin? || current_user.is_root?
      flash[:warning] = 'You are not an administrator and cannot access this page.'
      redirect_to root_path
   end
end

I can make everything work if I just check on the user level using this:

before_filter :require_admin, :only => 'index'

... but shouldn't I be able to do the same thing effectively with `permit` and `permit?`?

Any help would be much appreciated. Let me know if you need to see more code and I'll be happy to post it. There really is nothing on Google that I can make heads-or-tails of regarding getting these two systems to work with each other.

A: 

You are using the plugin incorrectly. It should not be placed in a before filter.

On the global level, you simply declare:

permit 'admin'

That's it.

All of your actions will look for a current_user or @user object and redirect to the login page if not.

On a per-action level, you use it as a block:

def index
  permit 'admin' do
    @some_models = SomeModel.all
  end
end
Jared
I changed it like you suggested (on the global level) so now it just reads `permit 'admin'`, but I'm still getting the same error. I get the same error when I try to do it on a per-action level. ??
neezer
+1  A: 

Okay, I think I figured it out.

As Jared correctly pointed out, the proper usage is

permit 'admin'

(Not as part of a before_filter).

HOWEVER...

... the default :get_user_method is set to #current_user, which is what the acts_as_authenticated plugin uses. I, as noted earlier, am using AuthLogic, where I have the method defined as current_user (without the pound sign).

So, I had tried the following:

permit 'admin', :get_user_method => current_user

Only to be greeted by a nice error message explaining that I had no such variable or method. What I was missing, however, is that the hash option takes a string, not a direct call to the method!! (stupid mistake, I know!)

So

permit 'admin', :get_user_method => 'current_user'

... seems to work for me.

I love Ruby and Rails, but sometimes its simplicity can be a curse of its own; I always get owned by the simple things. :)

neezer
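
Why the string form works and the bare call does not, as an added example that is not part of the original posts and is not the plugin's own code. `MiniPermit`, `authorize!` and `bare_call_error` are hypothetical names, and the user objects are constructed hashes.

```ruby
# Stand-in for a class-level authorization macro (hypothetical; not the plugin's
# source). The option is stored at class-definition time, the user at request time.
module MiniPermit
  CannotObtainUserObject = Class.new(StandardError)
  Denied = Class.new(StandardError)

  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    attr_reader :required_role, :user_method_name

    def permit(role, options = {})
      @required_role = role
      # Keep a method *name*: the class body has no request and no user yet.
      @user_method_name = (options[:get_user_method] || 'current_user').to_s
    end
  end

  # Per request: resolve the user by name on the instance, then check the role.
  def authorize!
    name = self.class.user_method_name
    user = respond_to?(name, true) ? send(name) : nil # true: private methods too
    raise CannotObtainUserObject, "no user from #{name}" if user.nil?
    raise Denied, "needs #{self.class.required_role}" unless user[:roles].include?(self.class.required_role)
    true
  end
end

class HomeController
  include MiniPermit
  permit 'admin', :get_user_method => 'current_user' # string, resolved later

  def initialize(user)
    @current_user = user # constructed sample user: a hash with :roles
  end

  private

  attr_reader :current_user
end

# The bare call runs in the class body, where no such method exists yet.
def bare_call_error
  Class.new { include MiniPermit; permit 'admin', :get_user_method => current_user }
  nil
rescue NameError => e
  e.class
end
```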