== ValidateRequest

This plugin allows you to specify and check the method and parameters that are
used to call your actions.

For example, here's a typical action in a typical controller:

  class KittenController < ActionController::Base
    def show
      @kitten = Kitten.find(params[:id])
    end 
  end

This is ordinarily invoked with a URL such as '/kitten/show/5'. The problem is
that if someone visits the url '/kitten/show' or /kitten/show/blech', an
exception will be thrown.

Furthermore, if someone visits the URL '/kitten/show/5&this_kitten=sucks',
your application will be none the wiser. Nothing will break, but sometimes
you'd like to know about these things, for instance to detect when you have a
typo in a GET argument that's originating in another part of your application.

ValidateRequest allows you to double check these things, and act
appropriately. For instance, we could solve the above problem by adding one
line to our action:

  class KittenController < ActionController::Base
    def show
      validate_request(:get, :id => :integer) or return
      @kitten = Kitten.find(params[:id])
    end 
  end

The +validate_request+ method will now verify that incoming requests are via
the GET method, and that they contain one argument called 'id' whose value is
an integer. If any of these conditions aren't true, the requester is
redirected to the site's home page (configurable, of course), and
<tt>flash[:error]</tt> is set with a polite message (also configurable).

== Installation

Install the plugin by running the following commands from your rails
application's directory:

  ./script/plugin source svn://rubyforge.org//var/svn/validaterequest/plugins
  ./script/plugin install validate_request

That's it. You're ready to add calls to +validate_request+ to your actions.

== Quick Start

The above examples show you how to specify simple scalar requirements for the
parameters. Here are some more examples of different options and types to get
you started. Read the USAGE file if you'd like even more detail.

You can allow more than one type of request method by making the first 
argument an array:

  def show
    validate_request([:get, :post], :id => :integer) or return

You can specify a second hash of parameter constraints, which are considered
optional. For example, the following declaration states that the request can
have an optional parameter +:orientation+ (but it must have the integer 
parameter +:id+):

  def show
    validate_request(:get, 
                     {:id => :integer}, 
                     {:orientation => :text}) or return
    ...                     

You can nest parameters:

  def show_author
    validate_request(:get 
                     :id => :integer, 
                     :author => {:name => :text}) or return
    ...                     

To simplify common CRUD form operations, you can specify ActiveRecord models
as types. For example:

  def update
    validate_request(:post, 
                     {:id => :integer}, 
                     {:kitten => Kitten}) or return
    ...

which requires an integer +:id+, and optionally can include a +:kitten+
parameter, whose value is a hash of any of the column names and types from the
Kitten model.

Once again, read the USAGE file if you'd like more detail about what's
allowed, and how things work.

== Author

  Scott A. Woods
  West Arete Computing, Inc.
  http://westarete.com
  scott at westarete dot com