Jonathan Lipps
2006-Jul-18 19:10 UTC
[Rails] before_filter chains and halting at an arbitrary filter
Hi--I''m trying to implement a 2-level authentication system, where I have one before_filter which does general user authentication, and another which does further authorization for a specific controller. I have it set up as follows: before_filter :authorize_level_2 prepend_before_filter :authorize_level_1 which causes authorize_level_1() to run, and then authorize_level_2(). However, the problem is that I want, if authorize_level_1 decides to redirect someone back to the login page, to not run authorize_level_2. Unfortunately it looks like this is what happens, and since authorize_level_2 needs to assume information only available when authorize_level_1 has succeeded, I get errors. Is there any way to halt execution of further filters if some condition is satisfied? I would have though redirect_to() would have this effect, but it appears that code is still executed after a redirect_to() -- Posted via http://www.ruby-forum.com/.
Alan Bullock
2006-Jul-18 19:20 UTC
[Rails] Re: before_filter chains and halting at an arbitrary filter
"Jonathan Lipps" <jlipps@gmail.com> wrote in message news:fdd07479a1f3b6976f4bf09b1cb894c9@ruby-forum.com...> Hi--I''m trying to implement a 2-level authentication system, where I > have one before_filter which does general user authentication, and > another which does further authorization for a specific controller. I > have it set up as follows: > > before_filter :authorize_level_2 > prepend_before_filter :authorize_level_1 > > which causes authorize_level_1() to run, and then authorize_level_2(). > > However, the problem is that I want, if authorize_level_1 decides to > redirect someone back to the login page, to not run authorize_level_2. > Unfortunately it looks like this is what happens, and since > authorize_level_2 needs to assume information only available when > authorize_level_1 has succeeded, I get errors. > > Is there any way to halt execution of further filters if some condition > is satisfied? I would have though redirect_to() would have this effect, > but it appears that code is still executed after a redirect_to() > > -- > Posted via http://www.ruby-forum.com/.Hi Jonathan if you return false from a before filter, it stops the execution of subsequent filters. So returning false after your call to redirect_to should do the trick hth alan
James Ludlow
2006-Jul-18 19:20 UTC
[Rails] before_filter chains and halting at an arbitrary filter
On 7/18/06, Jonathan Lipps <jlipps@gmail.com> wrote:> Is there any way to halt execution of further filters if some condition > is satisfied? I would have though redirect_to() would have this effect, > but it appears that code is still executed after a redirect_to()redirect_to ... return false
Matthew Margolis
2006-Jul-18 19:33 UTC
[Rails] before_filter chains and halting at an arbitrary filter
Jonathan Lipps wrote:> Hi--I''m trying to implement a 2-level authentication system, where I > have one before_filter which does general user authentication, and > another which does further authorization for a specific controller. I > have it set up as follows: > > before_filter :authorize_level_2 > prepend_before_filter :authorize_level_1 > > which causes authorize_level_1() to run, and then authorize_level_2(). > > However, the problem is that I want, if authorize_level_1 decides to > redirect someone back to the login page, to not run authorize_level_2. > Unfortunately it looks like this is what happens, and since > authorize_level_2 needs to assume information only available when > authorize_level_1 has succeeded, I get errors. > > Is there any way to halt execution of further filters if some condition > is satisfied? I would have though redirect_to() would have this effect, > but it appears that code is still executed after a redirect_to() > >I had the exact same problem a few weeks ago. I blogged about the solution here http://blog.mattmargolis.net/articles/2006/07/02/halting-before_filter-chains In short you basically just need to return false. Matthew Margolis blog.mattmargolis.net
Jonathan Lipps
2006-Jul-18 19:54 UTC
[Rails] Re: before_filter chains and halting at an arbitrary filter
Thanks to everyone for kindly responding. Sorry I didn''t know the question had been answered recently (search for the mailing list appears to be down). You''d think a simple behavior for filters like this would be included in the RoR docs! My code works wonderfully now. -Jonathan -- Posted via http://www.ruby-forum.com/.
James Ludlow
2006-Jul-18 20:00 UTC
[Rails] Re: before_filter chains and halting at an arbitrary filter
On 7/18/06, Jonathan Lipps <jlipps@gmail.com> wrote:> Thanks to everyone for kindly responding. Sorry I didn''t know the > question had been answered recently (search for the mailing list appears > to be down). > > You''d think a simple behavior for filters like this would be included in > the RoR docs! My code works wonderfully now.http://api.rubyonrails.org/classes/ActionController/Filters/ClassMethods.html Look under "Filter chain ordering". -- James
Jonathan Lipps
2006-Jul-18 21:44 UTC
[Rails] Re: Re: before_filter chains and halting at an arbitrary fil
> > http://api.rubyonrails.org/classes/ActionController/Filters/ClassMethods.html > > Look under "Filter chain ordering". > > > -- JamesAh, thanks. I know I looked at that section 5 or 6 times; must have breezed over the last two sentences assuming they were talking more about ordering per se and not about breaking the order. My fault! -- Posted via http://www.ruby-forum.com/.