Frederick Cheung wrote: > On 9 Nov 2008, at 20:19, Scott Kulik wrote: > >> end > Well you can't pass an argument to a filter like that. you'd have to > fetch the item first (I presume this is all boilerplate stuff so > you're interested in the one of id params[:id]. > Also, returning false from a filter doesn't do anything any more - you > need to render or redirect to halt the filter chain. > > Fred
thanks for the info fred. i was just thinking that I should probably do the checking to see if an item is locked in the model before updating. so in item.rb: before_save :validate def validate @user = User.find_by_id(session[:user_id]) if self.locked == 1 && @user.admin == 1 self.errors.add_to_base("This item is locked and can only be edited by an administrator.") return false end end the only problem i have here is that I am unable to access the session variable or the "admin?" function in my authenticated_system library. is there an easy solution to check if a user is an admin from a model? this way sounds like it might be a little easier then using a boilerplate. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---