This is a minor update to address a few lighthouse issues:
Ticket #23 Added login_with_permissions method to rspec_helper
Ticket #25 Fixed rspec helper methods: login_with_groups. Was setting access_rights correctly but wasn’t actually “logging in” a user (e.g. no current_user).
Ticket #26 incompatibility with exception notifier gem. (renamed access_denied to ld_access_denied)
Also added more tests and consolidated the error classes (they were spread across various modules).
For more info on Lockdown, check out the wiki
Comments
Lockdown help
I’m trying to integrate lockdown into a new project with authlogic and I have most things working properly, but I have a minor question.
The link_to (link_to_secured) helper method using lockdown is pretty useful. I’d like to limit the :user_sessions :destroy action to the built in protected_access group so that a logout link only appears when logged in. If I set permissions like so:
set_permission(:logout).with_c
set_protected_access :logout
and the opposite for public access, what would the link_to code be for a logout button given the routes you used?
map.resource :account, :controller => “users” map.resources :users map.resources :password_resets map.resource :user_session map.login ‘/login’, :controller => ‘user_sessions’, :action => ‘new’ map.logout ‘/logout’, :controller => ‘user_sessions’, :action => ‘destroy’Re: Lockdoen help
Given the above permissions, why does:
link_to ‘Logout’, :controller => ‘user_sessions’, :action => ‘destroy’
not render if a user is logged in?
Re: Lockdown help
I figured it out. Working correctly now…