Skip to content
This repository

Rails 3: Sessions don't respect parent scope (Authenticates many) #163

Open
JamieAppleseed opened this Issue · 5 comments

3 participants

Jamie Appleseed Michael Kintzer Phlegx Systems OG
Jamie Appleseed

I have three models: account, person and person_session. I'm using authenticates_many in the account, and acts_as_authentic has a validation_scope set to :account_id.

However, when I do the following in PersonSessionsController:

def create
    @person_session = current_account.person_sessions.build(params[:person_session])
    if @person_session.save  
    ...
end

The actual query that's run against the person table is:

Person Load (0.3ms)  SELECT `people`.* FROM `people` WHERE (LOWER(`people`.email) = 'your@email.com') LIMIT 1

There's no account_id clause to be found here.. everything else is working fine, except that I can sign in to any user on any account, despite the scope.

I'm running on Authlogic 2.1.6 and Rails 3.0.0.rc

Jamie Appleseed

I think it's the :find_options.. people are having problems with them in Rails 3. If I manually set ..

:find_options => { :conditions => { :account_id => 4 } }

.. then it is scoped correctly. However, Proc.new works against the Account class, not the instance, so I don't really know how to set the account_id dynamically..

Any suggestions?

Michael Kintzer

See http://github.com/binarylogic/authlogic/issuesearch?state=open&q=authenticates_many#issue/135/comment/389183 which I post a potential workaround. Hopefully someone can improve on it.

Phlegx Systems OG

I have the same problem. Why not push the solution to the master or make a pull request?

Michael Kintzer

a pull request was already submitted by releod. And the alternative solution posted by tsommer https://github.com/binarylogic/authlogic/issuesearch?state=open&q=authenticates_many#issue/135/comment/676444 doesn't require a code change in authlogic.

Phlegx Systems OG

This forked repo has resolved all problems, bugs and deprecations in the branch rails3:

git://github.com/takuyan/authlogic.git

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.