Before filters with parameters AND conditions

Hi, I want to use a method with parameters in the before_filter callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth 'admin', :only => :edit }

Off course this is not working, I want to know if there is a way of do this (I googled a lot, obviously without success).

Thanks in advance.

Franco Catena wrote:

Hi, I want to use a method with parameters in the before_filter callback, but also use some conditions like :only => :edit.

For example:

before_filter { |c| c.auth 'admin', :only => :edit }

Off course this is not working, I want to know if there is a way of do this (I googled a lot, obviously without success).

Thanks in advance.

If I understand what you're trying to do (and I very well may not be), you are wanting to limit access to an action to an administrative user. If that assumption is correct, I think most people do that by having a concept of "current_user" and then having the before_filter check with current_user. Something like

before_filter :require_admin, :only => :edit

def require_admin     current_user.admin? end

Then you can do whatever you want in current_user.admin? to determine if the user is, in fact, an administrator.

If I've misunderstood, sorry.

Peace, Phillip

Thanks for your answer, you understand correctly. The point is, I want to use the same function for autenticate admins and bare users, for example:

def auth(role = :user)    if @user.role != role       redirect_to :controller => :users, :action => :login    end end

So in some cases I need to use the auth(:admin) and some times the auth(:user) even in the same controller and with exceptions like the action 'login' that don't need authentication.

PD: Sorry for my English... =)

Thanks for your answer, you understand correctly. The point is, I want to use the same function for autenticate admins and bare users, for example:

def auth(role = :user)   if @user.role != role      redirect_to :controller => :users, :action => :login   end end

So in some cases I need to use the auth(:admin) and some times the auth(:user) even in the same controller and with exceptions like the action 'login' that don't need authentication.

how about

def self.auth(role, *args)    define_method "auth_#{role}_filter" do      if @user.role != role

     redirect_to :controller => :users, :action => :login   end

   end    before_filter "auth_#{role}_filter".to_sym, *args end

Now in your controller you can say

auth(:user, :only => :some_action)

you can pass any option you would normally pass to before_filter, eg

auth(:user, :except => [:some_other_action, :something_else])

Fred

This work perfect, thanks for the answers.