Another option (that is slightly more general and should work with all ActiveModel based libraries) is http://github.com/thefrontiergroup/scoped_attr_accessible - it provides the ability to scope attr_accessible and attr_protected based on arbitrary objects / scoping.
Nice
On a similar note, everyone should add an initializer with this code:
class ActiveRecord::Base
  attr_accessible nil
end
To force all models to use attr_accessible.
... or instead of doing all that, you can just use the guard_protected_attributes option in http://apidock.com/rails/v3.0.0/ActiveRecord/Base/attributes%3D:
@article.send('attributes=', params[:article], !admin?)
@article.save
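The comments above describe three ways to restrict mass assignment: a per-scope allowlist, a deny-by-default initializer, and switching the guard off for admins. The following plain-Ruby sketch is an added example, not code from Rails or from the plugins mentioned; `GuardedModel`, `attr_accessible_for`, `assign`, `assign_as` and the sample form parameters are hypothetical names built for illustration.

```ruby
# Plain-Ruby sketch of role-scoped, allowlist-based mass assignment.
# All class and method names here are hypothetical, not Rails APIs.
class GuardedModel
  # Deny by default: a subclass that declares nothing accepts nothing,
  # which is the effect the `attr_accessible nil` initializer aims for.
  def self.accessible
    @accessible ||= Hash.new { |hash, role| hash[role] = [] }
  end

  # Declare which attributes a given role may set through a form.
  def self.attr_accessible_for(role, *names)
    accessible[role] |= names.map(&:to_s)
  end

  attr_reader :attributes, :rejected

  def initialize
    @attributes = {}
    @rejected = []
  end

  # Copy only allowlisted keys; keep the rest so they can be logged.
  def assign(params, role = :default)
    allowed = self.class.accessible[role]
    params.each do |key, value|
      if allowed.include?(key.to_s)
        @attributes[key.to_s] = value
      else
        @rejected << key.to_s
      end
    end
    self
  end
end

class Article < GuardedModel
  attr_accessible_for :default, :title, :body
  attr_accessible_for :admin, :title, :body, :important
end

# Declares no allowlist at all, so every submitted key is rejected.
class AuditEntry < GuardedModel; end

# Constructed sample input: a form post that also carries a privileged field.
FORM_PARAMS = { 'title' => 'Hello', 'body' => 'text', 'important' => '1' }.freeze

def assign_as(model_class, role)
  model_class.new.assign(FORM_PARAMS, role)
end
```

Logging the `rejected` list is a cheap way to notice forms, or clients, that submit fields they were never offered.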
Great cast Ryan. Does anyone have some examples combining this with declarative_authorization?
Hi Ryan, thanks. Could you imagine a way of integrating dynamic attributes with cancan "ability.rb" file? I'm not sure if that would be a good idea to try "unifying" both...
Cool.. this should also work with required_nested_attribute_for, right?
Thank you!
I'm implementing this today.
Keep up the good work.
Great Ryan. That's a good solution for a common problem.
For some reason content for and yield did not work for me on rails3.0.1... May you enlighten me why you prefer yield over instance variables?
This is how I adopted your approach, I like it because it's DRY yet very flexible.
module ApplicationHelper
  # Note: page_title and element are inserted without HTML escaping.
  def title(page_title, element = "h1")
    @page_title = page_title
    raw('<' + element + '>' + page_title + '</' + element + '>')
  end
end
<title>Web App Title<%= raw((@page_title.blank? ? ' — Default View Title' : ' — ' + @page_title))%></title>
I recommend jumping over
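The helper in the comment above passes `page_title` and `element` through `raw`, so neither is HTML-escaped. As an added example (not the commenter's or Railscasts' code), here is the same concatenation in plain Ruby next to an escaped, allowlisted variant; `title_unescaped`, `title_escaped`, `ALLOWED_TITLE_ELEMENTS` and the sample title are constructed for this illustration, and `ERB::Util.html_escape` stands in for Rails' `h`.

```ruby
require 'erb'

# Tag names the helper may emit; anything else falls back to h1.
ALLOWED_TITLE_ELEMENTS = %w[h1 h2 h3 h4 h5 h6].freeze

# Same string concatenation as the helper in the comment, without Rails' raw():
# whatever is in page_title or element reaches the page unescaped.
def title_unescaped(page_title, element = 'h1')
  '<' + element + '>' + page_title + '</' + element + '>'
end

# Hardened variant: escape the text and allowlist the tag name.
def title_escaped(page_title, element = 'h1')
  tag = ALLOWED_TITLE_ELEMENTS.include?(element.to_s) ? element.to_s : 'h1'
  "<#{tag}>#{ERB::Util.html_escape(page_title)}</#{tag}>"
end

# Constructed sample input: a title taken from user-editable data.
SAMPLE_TITLE = 'Q3 report <script>alert(1)</script> & notes'

if __FILE__ == $PROGRAM_NAME
  puts title_unescaped(SAMPLE_TITLE)
  puts title_escaped(SAMPLE_TITLE)
  puts title_escaped('Settings', 'script')
end
```

In a Rails view the same result comes from `content_tag(element, page_title)`, which escapes its content by default.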
@kinopyo yes, you are right, Paperclip has changed so that the cropper processor of ryan is not working correctly. I am running on rails 3 and paperclip 2.3.4. and got this error:
undefined method `sub' for ["-resize", "\"x100\"", "-crop", "\"100x100+119+0\"", "+repage"]:Array
So, transformation_command returns an Array now instead of a String. I just changed super.sub to super.first.sub and it worked again.
@Alfrenovsky - thanks for sharing the http://github.com/kozy/daemon_generator.git bugfix.
When I run 'rails g rspec:install' I get a new rails project. Why does this happen?
I really prefer it more than searchlogic lately.
Nice blog here. Can you set up a notification system with any production site?
Is it possible to add a scope to the authorisation? For example.
If an application has many accounts, and each account has many users.
The user has the permission to read a record, but only if they share the same account_id
Michael
Thank you for a great post! I'm wondering how can I expand Omniauth with other providers. Is there any tutorial for that?
With both our technical infrastructure and our accurate appraisal analyses, we work to make a difference in our sector and to ensure unconditional satisfaction.
Awesome cast, thanks a lot Ryan!
The only little thing that doesn't work is highlighting of a current day in the table. Does anyone have an idea?
It would be cool to do a railscast on spam filtering in comments. Unfortunately you seem to get a lot of them like any popular site.
Anyone reading railscast should help Ryan out and mark generic comments pointing to junk websites as spam. It's the least we can do for Ryan.
Thanks Ryan.
PS. I second the comment about creating a skeleton base Rails project with Devise and OmniAuth. Maybe niftySkeleton? :)
Hallo,
I did follow yours, but I got this error:
undefined method `html_safe' for "Sunday":String
Any remedy?
http://railscasts.com/episodes/199-mobile-devices
I still can't get this to work, rake spec fails with 6 errors, with the railscasts app from github:
http://pastie.org/1232929
#6 is related to the PST time zones, #4 and #5 seems to be a fixture load order thing, no idea wtf #2 and 3 are, and same for #1.
Unfortunately I can't get this running with rails 3. You got any suggestions?
I get "OAuth::Unauthorized" when I go to http://localhost:3000/auth/twitter
I have the same question as Pioz: Is there a way to use an OR operator with your WHERE clauses?
Hello, I am interested in route translations with i18n.
Do you know something about that?
Excellent post!
This is nice but isn't the more modern way of doing this using a web socket or something like comet?
Ryan - can you post a Rails project pre-configured with Devise and Omni Auth already setup? It would make a great project template to begin a new app.
I have the error:
Don't know how to build task 'environment'
What can I do ... and where can I specify my Database and port ?
Thanks for the awesome video Ryan.
I was wondering what your take on this is?
http://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
I'm wondering what the best method would be for me to implement.
Hi, can someone please tell me why I would get this error:
undefined local variable or method `new_user_registration_url'
Ryan, have you noticed any issues with the cookie on the system after you authenticate with Facebook? I am getting:
NoMethodError (undefined method `find' for Symbol:Class):
app/controllers/welcome_controller.rb:3:in `index'
After I redirect to my welcome controller. If I start up Safari (using Chrome) everything seems fine.
Ryan, your screencasts are very well done and so very helpful. Thanks.
I did run into a small issue when setting up my twitter app as I did not set the "Application Type" to "browser" with the appropriate callback. It appears to default to "client", which will cause an OAuth::Unauthorized error.
I thought I would add this to your comments in case someone else made the same mistake I did.
Thanks again for your generous contribution to the rails community!
Let's say I want to have several sections to a site with different authentications like users, pro_users, admins.
Is there an easy way to re-use code instead of basically repeating these steps 3 times?
The main factor seems to be obtaining the proper scope so that you know to test for current_user, current_pro_user or current_admin.
I can't seem to find an easy method from the controller to address this. I got it to work with brute force respond_to?, but that just seems clunky.
Thanks for screencast.
So devise and omniauth are not good friends really. You should be an above-average Rails programmer to accomplish this. It should be easier somehow.
P.S. I bet devise is the most difficult authentication solution for now.
Hello Ryan. Great cast!
However I have faced some troubles with the routing. The line:
match '/' => 'blogs#show', :constraints => {:subdomains => /.+/}
gives out this error when not requesting a subdomain e.g. http://lvh.me:3000/
undefined method `match' for []:Array
Any ideas on what could be wrong?
Thanks
It took me 3 hours, but I finally got delayed job working with paperclip. Hopefully this helps someone else out there:
http://ezror.com/blog/index.shtml
http://madeofcode.com/posts/42-paperclip-s3-delayed-job-in-rails
It took me 3 hours, but I finally got delayed job working with paperclip. If anyone is interested, here are a couple of blog posts I used:
http://ezror.com/blog/index.shtml
http://madeofcode.com/posts/42-paperclip-s3-delayed-job-in-rails
Once again hats off for releasing these two episodes so quickly in succession. Respect.
The thing that eludes me with these authentication methods is how do you tie a user down to a single account? You get a unique uid from the provider but which handle do you have on a newly created user to hone them down into your own app's user model. Is it the email address you make required afterwards?
In other words. How do users authenticate through the devise functionality when they have created a new account solely through omniauth?
Or am I being totally oblivious here?
Cheers, Thanks,
JW
How are you guys building the "response" part of the survey? I have the survey builder working, but don't know how to get the responses...
I've created a response model that belongs to questions and answers, but now what?
Thanks for any shove in the right direction...
This doesn't work in Rails 3. Try this:
<title><%= content_for?(:title) ? yield(:title) : '0to255' %></title>
Thanks Ryan.
I had to change the select condition to get this to work correctly.
I changed it to:
select("date(purchased_at) as purchased_at, sum(total_price) as total_price")
It's a day late!
Wow. This really added some professionalism to my soon-to-be-released product.
One question. When I register using Twitter or LinkedIn, etc and I go to my profile, how can I remove the requirement to enter my current password to change anything? I mean, signing up with this service actually leaves your password blank???
Thanks!
Thanks Ryan, it was more than I expected! Great job!
Thanks Ryan for this quick update. I just wanted to point out that when signing in with openid the hash omniauth['user_info'] could be empty if the openid account has not been edited. In that case the user will be redirected to the registration form where she can add the email manually, so nothing bad happens, but I guess coders should be aware of this eventuality.
Thanks for posting this so quickly. I got to the end of part 1 and really wanted to finish.
Oh, 2 railscasts in 1 week! Feels like Christmas!