1

To prevent an action from executing in some controller in a rails app unless authenticated you could use 

before_filter :validate_user, :only => [:create, :update]

This would prevent create and update from being executed unless an authorized user was attempting it. If the actions create and update are in a controller within a rails engine this does not work.

How do you conditionally block the execution of an action on a controller that is within a rails engine?

4

1 回答 1

0

如果有validate_user问题的方法返回false,过滤器链将停止并且不会执行操作。

典型的模式如下所示:

def validate_user
  unless (...valid_conditions...)
     flash[:error] = "You're not logged in."
     redirect_to(login_path)
     return false
   end
end

在停止过滤器链之前,您可以做任何您想做的事情,但理想情况下,您可以先做redirect一些render事情。

于 2012-06-14T06:14:33.143 回答