Forum: Ruby on Rails before_filter and the application controller

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Dave H. (Guest)
on 2006-05-17 01:26
(Received via mailing list)
Hi there,

I'm having a bit of an issue with my before_filter. I know that the
filters
put in the application.rb controller are global for all the controllers.
In
my application filter I'd like to allow access to the RSS feed method in
a
'member' controller and skip the login checks that the before_filters
are
currently performing.

In my application my filters look like this:

class ApplicationController < ActionController::Base

  before_filter :check_authentication, :except =>
[:check_authentication]
  before_filter :register_member_activity, :except =>
[:check_authentication]

    def check_authentication
        unless session[:member_id]
            session[:intended_uri] = @request.request_uri
            redirect_to :controller => 'login', :action => "signin_form"
        end
    end

etc..............


Obviously, now all my controllers and methods have to pass through this
authentication method. For accessing RSS this doesn't work too well.

Does anyone have any ideas how to allow global access, and no filtering
to
one method in a different controller. I just want to expose the "RSS"
method
in the "Member" controller. Putting a before_filter in the Member
controller
and doing an :except => :rss doesn't do the trick


Thank you,
Dave H.
Tom D. (Guest)
on 2006-05-17 20:00
(Received via mailing list)
I have found that it is best to just put the before_filters for
authentication in each of your controllers rather than your
application controller.  Nearly all of my controllers have at least
one publicly visible method so I would end up having to customize each
of them.

However, one alternative would be to override your
check_authentication method in your other controller.  Then you could
add some test to verify the action.  Although this is probably not the
ideal solution.

Tom

On 5/16/06, Dave H. <removed_email_address@domain.invalid> wrote:
> class ApplicationController < ActionController::Base
>     end
> and doing an :except => :rss doesn't do the trick
>
>


--
Tom D.

http://blog.atomgiant.com
http://gifthat.com
Alain R. (Guest)
on 2006-05-17 20:09
(Received via mailing list)
Dave

> Does anyone have any ideas how to allow global access, and no filtering
> to one method in a different controller.


You can add guards in the filter, based on the controller and/or action
names.
Example:

   #in application.rb
     before_filter   :login_required, :except => [:welcome,:login]

     def login_required
         return if self.controller_name == 'test'  <<----- GUARD

         unless current_user
             redirect_to login_invite_url
         end
     end

Alain
This topic is locked and can not be replied to.