Canceling execution of parent method

I’m trying to write sort of a short-and-sweet authentication
permissions system. As it is right now, I know how I think I want it
to work but I’m having trouble making it escape the controller action
that was running if validation fails.

Controller in some action:
if belongs_to_current_user?(@article)
# User must have permission to edit their own article
permission_required(“article”, “edit”)
# User must have permission to edit other’s articles
permission_required(“article”, “edit-a”)

Application controller:

Denies access to unauthorized users.

def permission_required(cont, code)
unless permission?(cont, code)
flash[:warning] = “You don’t have the permission required for
access to this function”
redirect_to home_url
return false

The “return false” I have there, I want it cancel processing from the
action in my controller but it only cancels processing from the rest
of the permission_required method.

I’m at a loss as to how to put code safely after calling
permission_required in my controller, without worrying about it
getting executed anyway after the user is redirected.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs