search for: before_filter

...orkaround just in case anyone else hits it. I designed a security enhancement so that controller methods can be protected by preceding them with a role. The standard Ruby method_added() callback is used to detect when controller methods are added, and then I manipulate the controller''s before_filter chain appropriately. My code worked fine in Rails 1.0, and then stopped working in Rails 1.1. I eventually tracked down the bug to the new implementation of ActionController::Filters::before_filters and include_actions, which cache their results the first time they are called. This caching ap...

Hi, I see from this post http://groups.google.com/group/rubyonrails-talk/browse_thread/thread/97e333daab05b725/8252c90cb9c36f6d?lnk=gst&q=passing+parameter+before_filter#8252c90cb9c36f6d it can specify the Proc in the before_filter function, but when specify when action apply this filter, it raise an syntax error, such as rthe following code before_filter {|controller| c.send(:catalog_access, [current_user])}, :only=>[:manage_catalog] Will raise an syntax err...

Hi there I am wondering if we can use before_filter in the form of :action OR :action what i want to do is to implement one of the actions, if the first failed, then go to the second when i use before_filter :action1 before_filter :action2 each method will run them, my case is that i want to check if one of them is true and not both any idea? --...

Hi there, I''m having a bit of an issue with my before_filter. I know that the filters put in the application.rb controller are global for all the controllers. In my application filter I''d like to allow access to the RSS feed method in a ''member'' controller and skip the login checks that the before_filters are currently performing....

i am trying to create a system so that different users have different priviliges on my application. i was going to modify my authorize function so that i could pass the required role to it and have it check the current user for that role. i am using before_filter and would like to have just one function instead of writing one for each role like so: authorize(role) instead of: authorize_customer and authorise_csr but i don''t know what i need to do so that i can do something like: before_filter :authorize(''Admin'') -- Posted...

Hello list, I have an app that has a very simple authorization scheme. A person can have many roles and roles can have many people. In my app, I''d like to do before_filter :login_required (since no role name is provided, it accepts any users with credentials) before_filter :login_required ("administrator") (only accepts those with role administrator) before_filter :login_required {"administrator", "buyer", "seller"} (accepts t...

Can you restric before_filter to specific actions? -- Posted via http://www.ruby-forum.com/.

Hi! I want to add a function with a static paramter ("2" in the example) to a filter, but somehow Rails seems to be looking for another syntax. before_filter :check_quantity(2), :only => [:show] doesn''t work. What''s the right way to do this? Thanks a lot! -- Posted via http://www.ruby-forum.com/.

Hi all I have the following class: class MemberController < ApplicationController before_filter :authorize, :except => :index def index ... end Now I want to give the before_filter more than one :except argument. I tried :except => {:index, :login}, but this didn''t work. How can i accomplish this? Thanks a lot and have a nice day, Josh -- Posted via http://www.ruby-f...

Hello again, It''s possible to use before_filter in the application_controller, and exclude for some methods from other controllers ? i have a before_filter in application_controller that checks if the user is logged, if the time hasn''t expired, ... and I want to exclude some methods of this check, like the login. This ''login&...

I have two before_filters for a few of my controllers. They are running my own methods authorize and admin_authorize. authorize is called on just about every action to make sure that a user is logged in. admin_authorize is called on about 80% of the actions and is used to make sure that a user is an administrator....

I have multiple roles in my application. Now I want to block a method for all users except the administrator and a manager. When I do this: before_filter (:check_administrator_role), :only => [:administration] before_filter (:check_taskmanager_role), :only => [:administration] The user must have both roles. How can I change that to an "OR" combination? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~...

Can you set a global before_filter action in application.rb? So, for example, you could control authentication for all of the controllers in an app.? Obviously, you would need a way to reference actions by controller within this "global before-filter". Thanks, Wes -- Posted via http://www.ruby-forum.com/.

Let''s say I''m using before_filter in my controller: before_filter :setup def setup # do something here end Is there any way my setup method can know which action is really about to be called? Let''s say I want to log out which action is going to be called, how can I know that in the before_filter method?...

I know its probably doesnt sound right, but I am trying to call a before_filter method that will check whats the user role and then based on that return a string / hash / array to the before_filter something like this: class MonqiClassesController < ResourceController::Base before_filter :check_user_access_level , grant_access def check_user_access_level if curr...

Code sample: class SomeController < ApplicationController before_filter do |c| add_crumb "Blah", "/blah" #breadcrumbs plugin redirect_to :controller => "foo", :action => "bar" unless c.send (:has_package?) end # Rest of the controller... private def has_package? # A bunch of logic work to check to make sure # somebody...

I want to put a before_filter in application.rb, as follows: before_filter :do_something, :except_controller => [:admin] def do_something(options) options.stringify_keys! unless options[:except_controller].include?(controller_name) # do something useful end end Where I''m blocking is on how to get the ...

I have been scratching my head on this one for most of the day. Hopefully someone can help explain why before_filter isn''t working for my codes. In my Application controller, I have this: before_filter :login_required, :except => [:newacct, :create_newacct, :passwd_reset ] def login_required unless session[:user_id] flash[:notice] = "Please log in" redirect_to new_session_...

I was thinking about having instance variable stored and fetched from session container automatically before calling an action and after the action is finished. Using methodology of accessors it would look like: class MyController < ActionController::Base persistent_attr :person def alfa person = ''John Smith'' # render as usual view alfa.rhtml with anchor

I''ve successfully gotten acts_as_authenticated working. Currently the before_filter line for my admin screen is like this: class AdminController < ApplicationController include AuthenticatedSystem before_filter :login_required Only issue I have now is that anyone logged in can access that screen. I''d like to differentiate between a regular user and...