Colin Law wrote: > 2009/5/12 Shandy Nantz <rails-mailing-l...@andreas-s.net> > >> >> It has to do with the sessions which are holding id for the current >> users logged in. At most, there may be three session variables set - the >> two above and another called session[:admin]. An admin can move from >> profile to profile making modifications, but what I think is happening >> is that the admin are not "logging" like they should and are instead >> simply "X"ing out. This means that those sessions may be used to set up >> unwanted objects and show links, and other varous forms of undesired >> information. > > > Do you mean another user is coming along to the pc that had the admin > user > logged in and using it as admin? Or that someone is picking up the admin > role on another PC when they should not? Or something else?
No, an admin logs in and they can view and edit other profiles (not other admin profiles), all from the same PC. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
