Before filters with parameters AND conditions

Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth 'admin', :only => :edit }

Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).

Thanks in advance.

Franco Catena wrote:

Hi, I want to use a method with parameters in the before_filter
callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth 'admin', :only => :edit }

Off course this is not working, I want to know if there is a way of do
this (I googled a lot, obviously without success).

Thanks in advance.

If I understand what you're trying to do (and I very well may not be),
you are wanting to limit access to an action to an administrative user.
If that assumption is correct, I think most people do that by having a
concept of "current_user" and then having the before_filter check with
current_user. Something like

before_filter :require_admin, :only => :edit

def require_admin
    current_user.admin?
end

Then you can do whatever you want in current_user.admin? to determine if
the user is, in fact, an administrator.

If I've misunderstood, sorry.

Peace,
Phillip

Thanks for your answer, you understand correctly. The point is, I want
to use the same function for autenticate admins and bare users, for
example:

def auth(role = :user)
   if @user.role != role
      redirect_to :controller => :users, :action => :login
   end
end

So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action 'login' that don't need authentication.

PD: Sorry for my English... =)

Thanks for your answer, you understand correctly. The point is, I want
to use the same function for autenticate admins and bare users, for
example:

def auth(role = :user)
  if @user.role != role
     redirect_to :controller => :users, :action => :login
  end
end

So in some cases I need to use the auth(:admin) and some times the
auth(:user) even in the same controller and with exceptions like the
action 'login' that don't need authentication.

how about

def self.auth(role, *args)
   define_method "auth_#{role}_filter" do
     if @user.role != role

     redirect_to :controller => :users, :action => :login
  end

   end
   before_filter "auth_#{role}_filter".to_sym, *args
end

Now in your controller you can say

auth(:user, :only => :some_action)

you can pass any option you would normally pass to before_filter, eg

auth(:user, :except => [:some_other_action, :something_else])

Fred

This work perfect, thanks for the answers.