Question on how ROR choses a controller instance ``at runtim

I have read through, written, and completed several ROR examples from
widely available texts. So far so good.

However, texts (ROR Up and Running [Pub: O’Reilly], Ruby for Rails
[Pub: Manning]) are sorely lacking in describing the dynamic aspects of
ROR as background for writing more complex applications. And, yes, part
of this question derives from my own lack of experience.

Bottom line question: how can you dynamically choose which controller
is created and run on an incoming request?

Motivating example: A web system requires a login. A login is either an
instance of a priviledged user or some other user. Once the login is
done, the web system must display the home page. The home page must
always have a button labeled log out." Also, if the user is priviledged, then it must have another buttonAdmin."

Now if this was a non-web, non-DB program i.e. a windows GUI running
all in memory, a if-then, lookup, or case statement could cateogorize
the login as priviledged or not. Then, as the case may be, a
priviledged or non-priviledged controller ``theController" would be
created. It would know how to create the appropriate view(s) instances
and model instances. So, the non-priviledged controller would create
views which DO NOT give an admin button whereas a privileged controller
would. And if the logout button was pressed, the non-priviledged or
priviledged controller could vary their behavior depending on what was
needed. The controller would available at anytime in memory to control
any future interactions. This is basic, simple, classic OO in a MVC

It’s unclear how this thinking carries into ROR after the home page

Doing the login and getting the home page with or without the admin" button roughly runs like this. You'd probably create two models PrivUser and User plus LoginController, UserController, PrivUserControllers. Upon entering the login id and password into one's web browser, the form data would be sent to the LoginController which could easily verify the id and password, and create a PrivUser or User instance. By then it's dirt simple to instantiate a UserController or PrivUserController and pass control to it (i.e. via a method call on the User or PrivUser instance or merely performing an if-then on the class of the user) which would render the home page. The PrivUserController would eventually delegate to view(s) which DO INCLUDE anadmin" button whereas the UserController wouldn’t include
that button.

But now what? How should clicking on ``logout" work? Because once the
home page appears the controller instance is lost (stateless
computing). Suppose, that in addition to performing normal logout
behavior, a priviledged user must perform some other action A at

So when the user clicks on ``logout" how could I route the request to,
say, PrivUserController if a priviledged user was logged in or
UserController otherwise? What’s the right design or thinking pattern

Thank you in advance.

you should certainly not use different controllers for different user
instead, you should

  • In your controller: use before_filter e.g. to call a method that
    validates weihter the user has the corect priviliges to run the
    requested action.
    -in your views: do somthing like this:

<% if @user.privilege = “admin” %>
Admin Area

hope that helps, aint got much time to write a book about it :smiley:

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs