Sending additional parameters to before_filter

jjkiesch · July 14, 2006, 5:47pm

i am trying to create a system so that different users have different
priviliges on my application. i was going to modify my authorize
function so that i could pass the required role to it and have it check
the current user for that role.

i am using before_filter and would like to have just one function
instead of writing one for each role like so:

authorize(role)

instead of:

authorize_customer
and
authorise_csr

but i don’t know what i need to do so that i can do something like:

before_filter :authorize(‘Admin’)

jjkiesch · July 14, 2006, 5:54pm

one more thing i was thinking about too was using dynamic function names
like rails does ~~> User.find_by_username(’*****’)

if i could have a before_filter :authorize_user and in another
controller have before_filter :authorize_admin and have them go to the
same function, that would work too, but i don’t know how to do that in
ruby yet.

jjkiesch · July 14, 2006, 5:56pm

Josh K. wrote:

instead of:

authorize_customer
and
authorise_csr

but i don’t know what i need to do so that i can do something like:

before_filter :authorize(‘Admin’)

Send in a thunk, of course:

before_filter { authorize(‘Admin’) }

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.

jjkiesch · July 14, 2006, 6:01pm

Josh K. wrote:

one more thing i was thinking about too was using dynamic function names
like rails does ~~> User.find_by_username(‘*****’)

if i could have a before_filter :authorize_user and in another
controller have before_filter :authorize_admin and have them go to the
same function, that would work too, but i don’t know how to do that in
ruby yet.

One way to do it would be to add the filter to the base controller
instead, and use the solution I wrote in the last mail.

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.

jjkiesch · July 14, 2006, 6:40pm

thanks for the help. i’m still having some problems though. when i try
the code that you gave, it only works when the method is in the current
controller. when i try it and my method is in application.rb, it says
that the method isn’t found.

Ola B. wrote:

Josh K. wrote:

instead of:

authorize_customer
and
authorise_csr

but i don’t know what i need to do so that i can do something like:

before_filter :authorize(‘Admin’)

Send in a thunk, of course:

before_filter { authorize(‘Admin’) }

–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)

“Yields falsehood when quined” yields falsehood when quined.