Can I replace all link_to() with link_if_authorized()?


#1

Hi all

I’m working with the UserEngine and now I’m wondering, if I can use
link_if_authorized() everywhere I’m using link_to() at the moment…?

If so, I could only overwrite the link_to method like the following,
right?

Something::SomethingElse
link_to(controller, action)
link_if_authorized(controller, action)
end
end

Thanks for help! :slight_smile:
Joshua


#2

It’s probably a bad idea to flat-out override link_to, since there
will be occasions that you don’t want to check authorisation when
creating a link. It’s worth noting that each call to
link_if_authorized creates a call to authorized?(), which in turn asks
the DB about the current users permissions - having EVERY link in your
site do this is going to impact performance at some point [1].

Instead, I’d suggest that you use link_if_authorized only when it is
truly appropriate to do so.

  • james

[1] future versions might address this in some way, although I
wouldn’t rely on that happening.