Hi, I want to use a method with parameters in the before_filter callback, but also use some conditions like :only => :edit.
For example:
before_filter { |c| c.auth 'admin', :only => :edit }
Off course this is not working, I want to know if there is a way of do this (I googled a lot, obviously without success).
Thanks in advance.
Franco Catena wrote:
Hi, I want to use a method with parameters in the before_filter callback, but also use some conditions like :only => :edit.
For example:
before_filter { |c| c.auth 'admin', :only => :edit }
Off course this is not working, I want to know if there is a way of do this (I googled a lot, obviously without success).
Thanks in advance.
If I understand what you're trying to do (and I very well may not be), you are wanting to limit access to an action to an administrative user. If that assumption is correct, I think most people do that by having a concept of "current_user" and then having the before_filter check with current_user. Something like
before_filter :require_admin, :only => :edit
def require_admin current_user.admin? end
Then you can do whatever you want in current_user.admin? to determine if the user is, in fact, an administrator.
If I've misunderstood, sorry.
Peace, Phillip
Thanks for your answer, you understand correctly. The point is, I want to use the same function for autenticate admins and bare users, for example:
def auth(role = :user) if @user.role != role redirect_to :controller => :users, :action => :login end end
So in some cases I need to use the auth(:admin) and some times the auth(:user) even in the same controller and with exceptions like the action 'login' that don't need authentication.
PD: Sorry for my English... =)
Thanks for your answer, you understand correctly. The point is, I want to use the same function for autenticate admins and bare users, for example:
def auth(role = :user) if @user.role != role redirect_to :controller => :users, :action => :login end end
So in some cases I need to use the auth(:admin) and some times the auth(:user) even in the same controller and with exceptions like the action 'login' that don't need authentication.
how about
def self.auth(role, *args) define_method "auth_#{role}_filter" do if @user.role != role
redirect_to :controller => :users, :action => :login end
end before_filter "auth_#{role}_filter".to_sym, *args end
Now in your controller you can say
auth(:user, :only => :some_action)
you can pass any option you would normally pass to before_filter, eg
auth(:user, :except => [:some_other_action, :something_else])
Fred
This work perfect, thanks for the answers.