Rails - Jul 2008 - 2 views, 1 action

hi all,

I want to have an index view for photoalbums both for an admin and for
the users. Does Rails provide a better way to do something like
site.com/albums?admin=1 => shows admin index and site.com/albums =>
shows indew for users
Where i would do something like if params[:admin] == 1 (and some
session checking also) to make the difference between the 2 views?

Thanks;
Stijn
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

On 17 Jul 2008, at 13:51, Tarscher wrote:
>
> hi all,
>
> I want to have an index view for photoalbums both for an admin and for
> the users. Does Rails provide a better way to do something like
> site.com/albums?admin=1 => shows admin index and site.com/albums =>
> shows indew for users
> Where i would do something like if params[:admin] == 1 (and some
> session checking also) to make the difference between the 2 views?
>
Well you can call render :action => whatever you want at any point in  
your action.

Fred
> Thanks;
> Stijn
> >

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

I would recommend namespacing this and having two separate views AND  
two separate actions. Sometimes you may want to do something on the  
admin side that you don''t want to do on the user side.

I wrote a tutorial on this back in March:
http://frozenplague.net/2008/03/16/administration-namespacing/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

It is not difficult

supposed your site.com/albums is handled by AlbumsController''s index
action,
then you can

edit albumscontroller.rb ''s index method as followings

def index
    redirect_to "/admin/index" and return if params[:admin] ==
"1"
    // .... here is normal dealings
end



On Thu, Jul 17, 2008 at 8:51 PM, Tarscher
<tarscher-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> hi all,
>
> I want to have an index view for photoalbums both for an admin and for
> the users. Does Rails provide a better way to do something like
> site.com/albums?admin=1 => shows admin index and site.com/albums =>
> shows indew for users
> Where i would do something like if params[:admin] == 1 (and some
> session checking also) to make the difference between the 2 views?
>
> Thanks;
> Stijn
> >
>

-- 
Nibirutech CTO Eric.Archangel
MSN: archangel_hzm-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org
QQ: 996252
GMAIL: eric.archangel-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
BLOG: http://blog.sina.com.cn/gameloft

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Eric,

What''s stopping somebody from then specifying ?admin=1 on the end of  
the URL and gaining access to those protected actions?

Using a login system with a field identifying a user as an admin or  
not has much greater security than simply something that could be  
tampered with by a script kiddie.

On 17/07/2008, at 11:05 PM, Eric Archangel wrote:
> It is not difficult
>
> supposed your site.com/albums is handled by AlbumsController''s
index
> action, then you can
>
> edit albumscontroller.rb ''s index method as followings
>
> def index
>     redirect_to "/admin/index" and return if params[:admin] ==
"1"
>     // .... here is normal dealings
> end
>
>
>
> On Thu, Jul 17, 2008 at 8:51 PM, Tarscher
<tarscher-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> hi all,
>
> I want to have an index view for photoalbums both for an admin and for
> the users. Does Rails provide a better way to do something like
> site.com/albums?admin=1 => shows admin index and site.com/albums =>
> shows indew for users
> Where i would do something like if params[:admin] == 1 (and some
> session checking also) to make the difference between the 2 views?
>
> Thanks;
> Stijn
>
>
>
>
> -- 
> Nibirutech CTO Eric.Archangel
> MSN: archangel_hzm-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org
> QQ: 996252
> GMAIL: eric.archangel-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
> BLOG: http://blog.sina.com.cn/gameloft
>
> >

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Great tutorial,

This wasexactly what I''m was looking for

Thanks

On 17 jul, 14:56, Ryan Bigg
<radarliste...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> I would recommend namespacing this and having two separate views AND  
> two separate actions. Sometimes you may want to do something on the  
> admin side that you don''t want to do on the user side.
>
> I wrote a tutorial on this back in
March:http://frozenplague.net/2008/03/16/administration-namespacing/
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---