Forum: Rails Engines Can I replace all link_to() with link_if_authorized()?

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Joshua M. (Guest)
on 2006-05-21 17:06
Hi all

I'm working with the UserEngine and now I'm wondering, if I can use
link_if_authorized() everywhere I'm using link_to() at the moment...?

If so, I could only overwrite the link_to method like the following,

  link_to(controller, action)
    link_if_authorized(controller, action)

Thanks for help! :-)
James A. (Guest)
on 2006-05-22 01:39
(Received via mailing list)
It's probably a bad idea to flat-out override link_to, since there
will be occasions that you don't want to check authorisation when
creating a link. It's worth noting that each call to
link_if_authorized creates a call to authorized?(), which in turn asks
the DB about the current users permissions - having EVERY link in your
site do this is going to impact performance at some point [1].

Instead, I'd suggest that you use link_if_authorized only when it is
truly appropriate to do so.

- james

[1] future versions might address this in some way, although I
wouldn't rely on that happening.
This topic is locked and can not be replied to.