SslRequirement module

dissolved · June 26, 2007, 10:42pm

This is a question is about the SslRequirement rails plugin. However,
it’s also about core concepts behind ruby modules.

Here’s the code for the plugin.

http://pastie.caboo.se/73773

Here’s an example of how you use it.

http://pastie.caboo.se/73774

I’ve used this plugin all over the place in my app. But now, I want
to do some performance testing on the app WITHOUT using https (mainly
because I don’t have control over port 443 on the test machine).
Ideally, I want to add a toggle variable to the module that I can set
from an environment file or application_controller if I must. What I
don’t want to do is go around the app and comment out all my
ssl_required statements.

I’m at a loss as where to inject this toggle, and whether it should be
a class variable or class instance variable or maybe something
completely different. Any and all advice is welcome.

–RYAN

PS - Yes, I’ve double posted this in the rails talk and ruby
discussion groups.

dissolved · June 27, 2007, 12:37am

You could change the third line of the ensure_proper_protocol method
in the plugin like so:

if ssl_required? && !request.ssl? && RAILS_ENV == ‘production’

Or you could use your imagination and make some similar kind of
change somewhere in that method based on an environment variable, a
constant you set in one of the environment config files, etc.

Basically, you just want that method to not redirect and return
false, and there a number of ways you could accomplish that.

–
Benjamin C.
http://www.bencurtis.com/ – blog
http://agilewebdevelopment.com/rails-ecommerce – build e-commerce
sites with Rails

dissolved · June 27, 2007, 2:32pm

Sure, you could do a variety of more clever things like stub a method
in the plugin that can be overridden in the controller, like
acts_as_authenticated does with the authorized method. However, I
don’t know that doing something like that is really better than a
simple tweak to the plugin.

dissolved · June 27, 2007, 7:40am

Ya, I saw that in another post here. That would work fine, but I feel
there is a better way – A meta-programming way. Unfortunately, I’m
still getting my feet wet with injecting class variables / class
instance variables via eval. I know it’s more advanced then most
rails talk, but any insight is appreciated.

– RYAN