Forum: Rails Engines Can I replace all link_to() with link_if_authorized()?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Fc582698581884352e745d1d4c64699d?d=identicon&s=25 Joshua Muheim (josh)
on 2006-05-21 15:06
Hi all

I'm working with the UserEngine and now I'm wondering, if I can use
link_if_authorized() everywhere I'm using link_to() at the moment...?

If so, I could only overwrite the link_to method like the following,
right?

Something::SomethingElse
  link_to(controller, action)
    link_if_authorized(controller, action)
  end
end

Thanks for help! :-)
Joshua
05d703f649ef1d07e78d7b479fb4c4ac?d=identicon&s=25 James Adam (Guest)
on 2006-05-21 23:39
(Received via mailing list)
It's probably a bad idea to flat-out override link_to, since there
will be occasions that you don't want to check authorisation when
creating a link. It's worth noting that each call to
link_if_authorized creates a call to authorized?(), which in turn asks
the DB about the current users permissions - having EVERY link in your
site do this is going to impact performance at some point [1].

Instead, I'd suggest that you use link_if_authorized only when it is
truly appropriate to do so.

- james

[1] future versions might address this in some way, although I
wouldn't rely on that happening.
This topic is locked and can not be replied to.