Suddenly I started getting this error while submitting a form. The only change I made is calling a method defined in ApplicationController which is marked as a helper method.
app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery
  helper_method :is_org_admin?

  # Check if current user is Admin in current organization or not
  def is_org_admin?
    session[:current_organization].is_admin?(current_user)
  end
end
is_admin? is defined as:
class Organization < ActiveRecord::Base
  has_many :memberships
  has_many :users, through: :memberships

  def is_admin?(user)
    member = memberships.where(user_id: user.id).first
    if member.nil?
      false
    else
      member.is_admin?
    end
  end
end
And the is_org_admin? method is called from the view template
app/views/users/index.html.haml
%h1 Users
- if is_org_admin?
  %p= link_to 'Invite new user', new_invitation_path
If I remove protect_from_forgery in ApplicationController, or the call to the helper method (if is_org_admin?) in index.html.haml, it works. But as soon as I enable protect_from_forgery together with the condition that calls the helper defined in ApplicationController, it gives the warning and shows the "You need to sign in or sign up before continuing" message on the page.
Would anyone please suggest what is the problem here?
Instead of saving the entire Organization model, I am saving its id in the session to get an instance of the current organization. So, as required, I look it up on the fly.
Still I wonder why it returns 401 if an Organization AR object is saved in and used from the session.
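The id-in-session approach from the follow-up above, as an added plain-Ruby example that is not code from the question or from Rails: Organization, Membership, ORGANIZATIONS and find_organization are constructed stand-ins for the ActiveRecord models and for Organization.find_by, and the helper returns false (instead of raising on nil) when the session carries no id or a stale one.

```ruby
# Constructed stand-ins for the ActiveRecord models in the question (not Rails code).
Membership   = Struct.new(:user_id, :organization_id, :is_admin)
Organization = Struct.new(:id, :name, :memberships) do
  # Mirrors Organization#is_admin? from the question: admin only when a
  # membership exists for the user and is flagged as admin.
  def is_admin?(user_id)
    member = memberships.find { |m| m.user_id == user_id }
    member.nil? ? false : member.is_admin
  end
end

# Constructed sample data: user 10 is an admin of org 1, user 11 is a plain member.
ORGANIZATIONS = {
  1 => Organization.new(1, "acme", [Membership.new(10, 1, true), Membership.new(11, 1, false)])
}.freeze

# Stand-in for Organization.find_by(id: ...); returns nil for an unknown id.
def find_organization(id)
  ORGANIZATIONS[id]
end

# Resolve the current organization on the fly from the id kept in the session,
# instead of keeping the whole record in the session cookie.
def current_organization(session)
  id = session[:current_organization_id]
  id.nil? ? nil : find_organization(id)
end

# Equivalent of the is_org_admin? helper: a missing or stale organization id
# yields false rather than a NoMethodError on nil.
def org_admin?(session, user_id)
  org = current_organization(session)
  org.nil? ? false : org.is_admin?(user_id)
end

# Serialized size of the session payload; Rails' cookie store caps the whole
# signed cookie at 4096 bytes, so the id-only session stays far below that.
def session_bytes(session)
  Marshal.dump(session).bytesize
end
```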