Rails - Aug 2005 - Stop an action ?

Hi.

I am working on a generic authentification system for rails (more
complete than the login generator). The way it works is you call a
method inside your action, passing the domain as a parameter (domains
are like a group of users with specific rights).

For that purpose, I need to exit the action inside this method because
it redirects to a login page if that person isn''t authentified. The
only way I found on to do this is :


class ArticlesController < ApplicationController
  def edit
     if not login_required("users")
      return false
     end
  .....
  end
end

Is there a better way to do so, like calling something similar to
exit() inside the login_required method ?

On 8/17/05, Fabien Penso
<fabienpenso-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> I am working on a generic authentification system for rails (more
> complete than the login generator). The way it works is you call a
> method inside your action, passing the domain as a parameter (domains
> are like a group of users with specific rights).
> 
> For that purpose, I need to exit the action inside this method because
> it redirects to a login page if that person isn''t authentified.
The
> only way I found on to do this is :
> 
> 
> class ArticlesController < ApplicationController
>   def edit
>      if not login_required("users")
>       return false
>      end
>   .....
>   end
> end
> 
> Is there a better way to do so, like calling something similar to
> exit() inside the login_required method ?
Fabien-

"return false" is the correct way to stop an action from processing
(exit would take down the entire process), but normally you''d want to
do what you''re doing in a before_filter. If you did it that way, you
could just "return false" from the filter after doing your redirect
and not have to add that code to each action.

Something like this:

class ArticlesController < ApplicationController
  before_filter :login_required, :only => [ :edit ]

  def login_required
    .. do what you need to with the domain here ..
    if should_redirect? # or whatever
      redirect_to :controller => ''login'', :action =>
''login''
      return false
    end
  end

  def edit
    .. whatever edit does ...
  end
end

Hope this helps,

Ben

On 8/17/05, Ben Schumacher
<benschumacher-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> "return false" is the correct way to stop an action from
processing
> (exit would take down the entire process), but normally you''d want
to
Yeah but it requires 3 lines of code instead of just calling the
login_required method :)
> do what you''re doing in a before_filter. If you did it that way,
you
> could just "return false" from the filter after doing your
redirect
> and not have to add that code to each action.
Won''t work for me, not from what I see. I need to give an argument to
the login_required method which is the "group" of users I do allow
(which can be different depending of which action I protect).

And there is no way to pass parameters to a method you call through
before_filter, is there ?

On 8/18/05, Fabien Penso
<fabienpenso-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Yeah but it requires 3 lines of code instead of just calling the
> login_required method :)
class ApplicationController < ActionController::Base
  def process(request, response)
    catch(:abort) do
      super(request, response)
    end
    response
  end

  def login_required(acl)
    throw :abort if true
  end

  def hello
    login_required "blah"
    render_text "hello"
  end
end


With this example, #hello will never reach render_text. You''ll want to
give your "login_required" method a name that makes clear its going to
break out of execution.

Use "ri throw" and "ri catch" for more information. Its a
sledgehammer, to be used with care :)

Leon

Hi Leon.

Thanks, that works fine. Perfect :)

On 8/17/05, leon breedt <bitserf-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> On 8/18/05, Fabien Penso
<fabienpenso-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> > Yeah but it requires 3 lines of code instead of just calling the
> > login_required method :)
> 
> class ApplicationController < ActionController::Base
>   def process(request, response)
>     catch(:abort) do
>       super(request, response)
>     end
>     response
>   end
> 
>   def login_required(acl)
>     throw :abort if true
>   end
> 
>   def hello
>     login_required "blah"
>     render_text "hello"
>   end
> end
> 
> 
> With this example, #hello will never reach render_text. You''ll
want to
> give your "login_required" method a name that makes clear its
going to
> break out of execution.
> 
> Use "ri throw" and "ri catch" for more information. Its
a
> sledgehammer, to be used with care :)
> 
> Leon
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
> 

-- 
http://penso.info/ | http://photos.penso.info/
http://linuxfr.org/