a particular controller. What I'm understanding you to be saying is you
can specify, in application.rb, all of the actions to either include or
exclude regardless of the controller. So if I do this in application.rb
before_filter :login_required, :only => [:create, :update, :destroy]
then it would apply to :create, :update, and :destroy actions in any
controller. I have never understood it to work that way, but maybe it
does. Rather, my understanding is that if you specify :only or :except,
it will look in the "current" controller, that is, whichever one the
before_filter statement is found. So in my contrived case above, the
filter would actually never get called because you don't have :create,
:update, :destroy actions in application.rb. On the other hand, in your
example where you have :except, it seems that it would always get called
because you don't have the exceptions in your application.rb.
I certainly won't be surprised to find out that my understanding is
wrong (I'm often wrong and have learned to accept it cheerfully), but I
will be surprised if that is actually how it works. It seems it would be
an extremely complicated way to go about things.
I am not an expert in ROR, so I am only taking a stab in the dark
here. It is my understanding that, from your example above, the
before_filter with the :only option will apply to the named actions
every controller. In other words the :create, :update, :destroy
actions in all the controllers, if this is declared in the
Application.rb. If it is declared in any other controllers, then it
will only apply to those actions within that controller. That is my
understanding of how the Application controller works. Then again I
may probably be totally off the target in my understanding, and it
wouldn't surprise me either.
As for the skip_before_filter, the API docs say
You can control the actions to skip the filter for with the :only and
:except options, just like when you apply the filters.
so I assume you could do something like
skip_before_filter :login_required, :only => [:passwd_reset]
But as I said before, I have not made use of skip_before_filter, so I
might be blabbering on about something I shouldn't be
You are right in this. For some reasons it totally slipped my mind
about using the :only options.
Please don't take this the wrong way, but I'm not sure I'd be satisfied
with your route "solution". To have to put a bogus value on your route
to get it to work suggests to me that something else is amiss.
Nah, I wouldn't take it the wrong way. Always open to suggestions and
I wouldn't see it as putting a bogus value in the route but a way to
simplify the routing. Instead of using "/users/passwd_reset" in my
url, I use only "/passwd_reset". Since there is only one such action
called passwd_reset. Looks better too.
Anyway that wasn't the reason why I did it. As I mentioned before, for
some reason my routing does not understand if I use "/user/
passwd_reset" as a link to call upon the passwd_reset action.
Apparently my route is expecting a /controller/action/id format.
(Probably due to the fact that I have declared "map.resources :users"
in the routing as well). So as a quick work-around based on limited
understanding of routing, I added the extra directive in my routing.
It "solved" my issue that I can now use "/passwd_reset" and it seems
to work with the exclusion in the before_filter as well.
Incidentally I tried what you previously suggested. Which was using
before_filter without exclusion in application.rb and place
"skip_before_filter.....:only => ..." in the User controller. It still
give me the same result as before.
Thanks for all your input.