Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.
For example:
before_filter { |c| c.auth ‘admin’, :only => :edit }
Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).
Thanks in advance.
Franco C. wrote:
Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.For example:
before_filter { |c| c.auth ‘admin’, :only => :edit }
Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).Thanks in advance.
If I understand what you’re trying to do (and I very well may not be),
you are wanting to limit access to an action to an administrative user.
If that assumption is correct, I think most people do that by having a
concept of “current_user” and then having the before_filter check with
current_user. Something like
before_filter :require_admin, :only => :edit
def require_admin
current_user.admin?
end
Then you can do whatever you want in current_user.admin? to determine if
the user is, in fact, an administrator.
If I’ve misunderstood, sorry.
Peace,
Phillip
Thanks for your answer, you understand correctly. The point is, I want
to use the same function for autenticate admins and bare users, for
example:
def auth(role = :user)
if @user.role != role
redirect_to :controller => :users, :action => :login
end
end
So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action ‘login’ that don’t need authentication.
PD: Sorry for my English… =)
On 15 ago, 22:02, Phillip K. [email protected]
This work perfect, thanks for the answers.
On 16 Aug 2008, at 02:24, Franco C. wrote:
So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action ‘login’ that don’t need authentication.
how about
def self.auth(role, *args)
define_method “auth_#{role}_filter” do
if @user.role != role
redirect_to :controller => :users, :action => :loginend
end
before_filter “auth_#{role}_filter”.to_sym, *args
end
Now in your controller you can say
auth(:user, :only => :some_action)
you can pass any option you would normally pass to before_filter, eg
auth(:user, :except => [:some_other_action, :something_else])
Fred
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs