Question on routes and default routes

Say I have a destroy action configured as the following

map.foo ‘/foos/:id’, :controller => ‘foos’, :action => ‘show’,
:conditions => { :method => :get }
map.foo ‘/foos/:id’, :controller => ‘foos’, :action => ‘destroy’,
:conditions => { :method => :delete }

Get on foos/:id goes to show and delete on foos/:id goes to destroy.
Nice and restful so all good so far.

But now say if i have the following default route in my routes.rb

map.connect ‘:controller/:action/:id’

Now someone can explicitly type in the url http://…/foos/destroy/123
and it will go to my destroy action in controller foos although this
action should only be accessed by a POST/DELETE not a GET.

Is there anyway to prevent a get on that action other than checking
within the controller itself?

def destroy
return home_url unless method.delete?

end

Thanks!

Hi,

I’m kind of new to rails, but I’m pretty sure it is suggested that you
remove those defaults, and only create routes explicitly.

Thanks,
Brandon

If you are going to go with a Restful design, why not just you
map.resources?

On Mar 15, 11:25 am, Rails D. [email protected]

It is NOT suggested that the defaults be removed like Brandond says.

It IS suggested that you use map.resources :foos. Which will give you
what you want.

if you, however, want to check explicitely for the method of and
action you can do things like:

def some_action
render(:text => “you shouldnt be trying this”) and return unless
reques.post?


end

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs