Hi,
Getting into the later chapters of the Agile book depot app (and getting more confused as it goes along!) Boy for awhile I thought I was really getting it, now I’m not so sure.
Anyway, Chapter 11, talking about limiting access to admins. They have
you create a filter (something I am fuzzy on understanding) that calls an authorize method. This method is placed inside the application controller, I think so all the other controllers can access it.
Now, here’s the part that really has me confused. He states "we need to
restrict access to this method (the authorize filter) because the methods in application.rb appear as instance methods in all our controllers. Any public methods here are exposed to end users as actions."
So he marks the filter as private.
Ok - then in the next line we go and add this authorize filter in the admin_controller.rb. But - how does it even see this method in the application.rb if it is a private method? He just stated he put private
so instance methods would not be visible in the controllers.
I believe I am mixing up some terminology here - possibly instance method vs. action? I’m really confused here though, so any tips are appreciated.
Check these links for more information on Ruby’s method visibility.
http://weblog.jamisbuck.org/2007/2/23/method-visibility-in-ruby http://blog.zerosum.org/2007/11/22/ruby-method-visibility
