Before_filter and the application controller


#1

Hi there,

I’m having a bit of an issue with my before_filter. I know that the
filters
put in the application.rb controller are global for all the controllers.
In
my application filter I’d like to allow access to the RSS feed method in
a
‘member’ controller and skip the login checks that the before_filters
are
currently performing.

In my application my filters look like this:

class ApplicationController < ActionController::Base

before_filter :check_authentication, :except =>
[:check_authentication]
before_filter :register_member_activity, :except =>
[:check_authentication]

def check_authentication
    unless session[:member_id]
        session[:intended_uri] = @request.request_uri
        redirect_to :controller => 'login', :action => "signin_form"
    end
end

etc…

Obviously, now all my controllers and methods have to pass through this
authentication method. For accessing RSS this doesn’t work too well.

Does anyone have any ideas how to allow global access, and no filtering
to
one method in a different controller. I just want to expose the “RSS”
method
in the “Member” controller. Putting a before_filter in the Member
controller
and doing an :except => :rss doesn’t do the trick

Thank you,
Dave H.


#2

Dave

Does anyone have any ideas how to allow global access, and no filtering
to one method in a different controller.

You can add guards in the filter, based on the controller and/or action
names.
Example:

#in application.rb
before_filter :login_required, :except => [:welcome,:login]

 def login_required
     return if self.controller_name == 'test'  <<----- GUARD

     unless current_user
         redirect_to login_invite_url
     end
 end

Alain


#3

I have found that it is best to just put the before_filters for
authentication in each of your controllers rather than your
application controller. Nearly all of my controllers have at least
one publicly visible method so I would end up having to customize each
of them.

However, one alternative would be to override your
check_authentication method in your other controller. Then you could
add some test to verify the action. Although this is probably not the
ideal solution.

Tom

On 5/16/06, Dave H. removed_email_address@domain.invalid wrote:

class ApplicationController < ActionController::Base
end
and doing an :except => :rss doesn’t do the trick


Tom D.

http://blog.atomgiant.com
http://gifthat.com