is_admin? function in rails? - undefined method Error

Question

Hello! At the moment, I am creating some kind of admin panel/backend for my site. I want to do the following: Only admins (a user has a user_role(integer) --> 1 = admin, 2 = moderator, 3 = user) can see and access a link for the admin panel. So I created an admin_controller. In my admin controller I created a new function called is_admin?:

class AdminController < ApplicationController

  def admin_panel
  end

  def is_admin?
    current_user.user_role == 1
  end

end

my route looks like.

map.admin_panel '/admin-panel', :controller => 'admin', :action => 'admin_panel'

and in my _sidebar.html.erb (partial in applicaton.html.erb) I created the link:

<%= link_to "Admin Panel", :admin_panel unless is_admin? %>

Now I get an error called:

undefined method `is_admin?'

Where is the problem? Please help me solving this problem!

Okay, sorry for this, but it still wont work. Here are my controllers:

application_controller.rb:

class ApplicationController < ActionController::Base
      include AuthenticatedSystem
      helper :all
      protect_from_forgery

      helper_method :current_user

        def current_user
          @current_user ||= User.find_by_id(session[:user])
        end
end

users_controller.rb:

class UsersController < ApplicationController
      layout 'application'

      include AuthenticatedSystem

      helper_method :is_admin? #only added this line

      def new
      end
      ...
end

user.rb

 require 'digest/sha1'
    class User < ActiveRecord::Base
        # Virtual attribute for the unencrypted password
        attr_accessor :password
        ... #more stuff but nothing for is_admin?

      def active?
        # the existence of an activation code means they have not activated yet
        activation_code.nil?
      end

      #here is my is_admin? code
      def is_admin?
        self.user_role == 1
      end
      ...
   end

and now my view (_sidebar.html.erb):

<div>
    <%= link_to "Admin Panel", :admin_panel unless current_user.is_admin? %>
</div>

That's it. Any ideas?

Btw: now the error changed a bit. Now it is:

undefined method `is_admin?' for nil:NilClass

My Session Create (in sessions_controller.rb):

  def create
self.current_user = User.authenticate(params[:login], params[:password])
if logged_in?
  if params[:remember_me] == "1"
    current_user.remember_me unless current_user.remember_token?
    cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
  end
  redirect_back_or_default('/')
  flash[:notice] = "Logged in successfully"
else
  render :action => 'new'
end

end

Answer 1

The problem is that methods defined in your controllers are not available in your views, unless you do this in the controller:

helper_method :is_admin?

However, in your case I would suggest that you move this method into the user model, as it seems to be more or less part of the business logic of the application.

So, in your user model,

class User < ActiveRecord::Base

  def is_admin?
    self.user_role == 1
  end
end

And then in the view,

<%= link_to "Admin Panel", :admin_panel unless current_user.is_admin? %>

Oh, and btw, make sure that your users cannot change their roles arbitrarily via mass attributes assignment. And also it would be better to define constants for those role integer values. Sorry if this is too obvious :)

Answer 2

use helper_method if you want to use your controller's method in your views

class AdminController < ApplicationController

  helper_method :is_admin?  #you should include this line so that you can access it in your view.

  def admin_panel
  end

  def is_admin?
    current_user.user_role == 1
  end

end