How can one have the equivalent of “before_filter” checking (e.g. to
require a user to be logged in before carrying out an action) on a
method when the method is called implicitly inside another action (the
before_filter doesn’t seem to get run)?
So in this instance I have a restful controller that allows users to
enter a new “entry”, but after they click the next button instead of
automatically creating the new entry, I would like to provide an
additional “confirmation” stage where they can confirm their entry
details, and their entries can be validated as well. After they have
confirmed and the entries validated, then I would like to call the
create action where it is then created.
My understanding is that you can’t redirect a post request to another
handler (without writing a separate ruby method to create a HTTP
request that resends the POST parameters etc…) and so what I have
read somewhere else is to do if/then/else checking with params of the
submit button’s name instead.
Unfortunately doing it this way (refer to code below), the
before_filter which requires a user to be logged in, doesn’t get run.
What I would like to do is place no restrictions up to the
confirmation stage, and only require a logged in user for the create
Is there a right way to do this or is this just a really un-rails way
of doing this - in which case how should it be done normally?
Thanks for your help!
Sample Code (Rails v2.3.4):
class EntryController < ApplicationController
before_filter :require_user, :only => [:create]
# ==new # new_entry_url (GET /entries/new) def new # Display user a form page where they can fill # in details of a new entry, which will then # submit a post request to "confirm" end # ==confirm # confirm_new_entry_url (POST /entries/new/confirm) def confirm # Check params for button type so we can still handle it # as a "post" request without redirection if params["next"] # Validate entry and present user with a confirmation page # so they can check their entries are correct _before_ # entry is created. elsif params["create"] # Called from the confirmation page where there will # be a button with name "create" create render :action => :create return elsif params["back"] # Called from the confirmation page where there will # be a button with name "back" to correct user's entries new render :action => :new return end # ==create # entries_url (POST /entries) def create # This action should only be run if the user is logged in! # But because of the re-rendering from confirm action, # the before_filter that checks whether user is logged in or # not does not seem to get run. # # @entry.save etc... end