Before filters with parameters AND conditions

Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth ‘admin’, :only => :edit }

Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).

Thanks in advance.

Franco C. wrote:

Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth ‘admin’, :only => :edit }

Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).

Thanks in advance.

If I understand what you’re trying to do (and I very well may not be),
you are wanting to limit access to an action to an administrative user.
If that assumption is correct, I think most people do that by having a
concept of “current_user” and then having the before_filter check with
current_user. Something like

before_filter :require_admin, :only => :edit

def require_admin
current_user.admin?
end

Then you can do whatever you want in current_user.admin? to determine if
the user is, in fact, an administrator.

If I’ve misunderstood, sorry.

Peace,
Phillip

Thanks for your answer, you understand correctly. The point is, I want
to use the same function for autenticate admins and bare users, for
example:

def auth(role = :user)
if @user.role != role
redirect_to :controller => :users, :action => :login
end
end

So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action ‘login’ that don’t need authentication.

PD: Sorry for my English… =)

On 15 ago, 22:02, Phillip K. [email protected]

This work perfect, thanks for the answers.

On 16 Aug 2008, at 02:24, Franco C. wrote:

So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action ‘login’ that don’t need authentication.

how about

def self.auth(role, *args)
define_method “auth_#{role}_filter” do
if @user.role != role

 redirect_to :controller => :users, :action => :login

end
end
before_filter “auth_#{role}_filter”.to_sym, *args
end

Now in your controller you can say

auth(:user, :only => :some_action)

you can pass any option you would normally pass to before_filter, eg

auth(:user, :except => [:some_other_action, :something_else])

Fred

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs