Locking Out User Access

Hi all,

I'm new to rails and this is my first post to this list so apologies
if I'm little slow on a few things.

I have a standard database app with multiple users and a limited
access admin controller. Occasionally, I need to run some very
processor-intensive queries on the database that slow the app to a
crawl. During this time, I would like to lock out users from accessing
the app. Specifically, I want to redirect users accessing any
controller other than the admin controller to a page that says "check
back later".

Currently, I just edit my .htaccess file when I do this. However, I
want to be be able to run an action from my admin controller that does
this for me.

I tried setting a global variable (with a dollar sign) in my admin
controller but none of the other controllers seem to be able to see
it. I can't store the variable in the database either, since the busy
database is the reason I wanted to lock users out in the first place.
I'm also considering just having the action run a shell script but I'm
not really sure how to do this.

If anyone has any ideas, I'd be much obliged.

-- Andrew

it sounds like you want a filter at the top of the application controller that checks whether a "redirect all non-admin users" flag is set and, if so, checks whether the request is coming from a logged in user who has the admin bit. the filter should redirect to the temporary page, and shouldn't run for the login controller (which you'll need to go to manually, but will let you log in so admin users can bypass the filter.

you might look at how acts_as_authenticated handles login filters to provide some guidance on doing one yourself.

-faisal

Andrew Fong wrote:

Hi all,

I'm new to rails and this is my first post to this list so apologies
if I'm little slow on a few things.

I have a standard database app with multiple users and a limited
access admin controller. Occasionally, I need to run some very
processor-intensive queries on the database that slow the app to a
crawl. During this time, I would like to lock out users from accessing
the app. Specifically, I want to redirect users accessing any
controller other than the admin controller to a page that says "check
back later".

Currently, I just edit my .htaccess file when I do this. However, I
want to be be able to run an action from my admin controller that does
this for me.

I tried setting a global variable (with a dollar sign) in my admin
controller but none of the other controllers seem to be able to see
it. I can't store the variable in the database either, since the busy
database is the reason I wanted to lock users out in the first place.
I'm also considering just having the action run a shell script but I'm
not really sure how to do this.

If anyone has any ideas, I'd be much obliged.

Capistrano has (or had?) a way to disable your web access altogether by creating a maintenance.html file. With Apache configured correctly all requests are being served this file when it exists. When the file is removed the application becomas accessible once more. You should be able to do something similar.