Params hash access in before_filter

dubstep · March 8, 2011, 8:20am

I’ve googled around enough to see that this is a common issue, but
haven’t found a definitive answer on how to access a value from the
params hash in a before_filter. I’m currently trying this:

before_filter :only => [:create, :update, :destroy] do |controller|
controller.bounce_if_unauthorized params[:token]
end

with the following in application_controller.rb:

protected
def bounce_if_unauthorized token
puts token
redirect_to root_path,
:alert => ‘You are not authorized.’ unless token == ‘abcde’
end

but the equality is never true. Meanwhile, the verify method mentioned
at Action Controller Overview — Ruby on Rails Guides
is no longer listed in the API, so that’s probably not the way to go
either.

How can I create a before_filter based on an element of the params
hash?

Todd_ASJacobs · March 8, 2011, 8:27am

On Mar 8, 12:45am, “Todd A. Jacobs” [email protected]
wrote:

I’ve googled around enough to see that this is a common issue, but
haven’t found a definitive answer on how to access a value from the
params hash in a before_filter. I’m currently trying this:

before_filter :only => [:create, :update, :destroy] do |controller|
controller.bounce_if_unauthorized params[:token]
end

If you use the block form of before_filter then self isn’t the
controller instance - params[:token] goes nowhere.
controller.params[:token] would work (if params is public - I don’t
recall), or you could do
before_filter :blah, :only => …

def blah
unless params[:token] == …
…
end
end
Fred