Hi Have the following setup
I have a login system for clients to login into the system. They can edit thier details on the system. I need to block them editing other clients details. This can be do by changing the Id in the URL.
There is a Namespace in Place and it is called 'Profile'
I have done this before with Users on the system, Does CanCan only support current_user or can i change this to current_client. As i am getting an error in the log file of the following:
NameError (undefined local variable or method `current_user' for #):
Code is as Follows:
Application Controller
protect_from_forgery
helper_method :current_client
rescue_from CanCan::AccessDenied do |exception|
redirect_to profile_url
end
private
def current_client
@current_client ||= Client.find(session[:client_id]) if session[:client_id]
end
def logged_in?
unless session[:client_id]
flash[:notice] = "You need to log in first."
redirect_to login_path
return false
else
return true
end
end
Profile/clients_controller
before_filter :logged_in?
load_and_authorize_resource
# GET /clients/1/edit
def edit
@client = Client.find(params[:id])
end
# PUT /clients/1
# PUT /clients/1.json
def update
@client = Client.find(params[:id])
respond_to do |format|
if @client.update_attributes(params[:client])
format.html { redirect_to [:profile,@client], :notice => 'Client was successfully updated.' }
format.json { head :ok }
else
format.html { render :action => "edit" }
format.json { render :json => @client.errors, :status => :unprocessable_entity }
end
end
end
Any idea why it is coming up with this error.
