[Boulder Ruby Group] rendering now!
Bruce Williams
bruce at codefluency.com
Fri Jun 29 01:00:47 EDT 2007
I'd agree with Tony here, Ara.
Authentication is generally handled as a filter (vs explicitly calling it
from an action) -- lots of bonuses with doing it this way, since on a single
line (before_filter :authenticate :only => [:foo, :bar]) you can get a
bird's eye view of security within a controller, and it looks/feels better
[at least to me].
If you need to render a specific 'access denied' page, you should be able to
render and then return false from the filter, or do a redirection.
Cheers,
Bruce
--
Bruce Williams
http://codefluency.com
On 6/28/07, Tony Arcieri <tony at clickcaster.com> wrote:
>
> Filters, which prevent the action from ever being executed in the
> first place, are the typical solution to that problem (if I'm reading
> it correctly)
>
> --
> Tony Arcieri
> ClickCaster, Inc.
>
> On 6/28/07, ara.t.howard <ara.t.howard at gmail.com> wrote:
> >
> > i hope i am doing something stupid and someone has a slicker way
> >
> > http://drawohara.tumblr.com/post/4517961
> >
> > ??
> >
> > -a
> > --
> > we can deny everything, except that we have the possibility of being
> > better. simply reflect on that.
> > h.h. the 14th dalai lama
> >
> >
> >
> > _______________________________________________
> > Bdrg-members mailing list
> > Bdrg-members at rubyforge.org
> > http://rubyforge.org/mailman/listinfo/bdrg-members
> >
> _______________________________________________
> Bdrg-members mailing list
> Bdrg-members at rubyforge.org
> http://rubyforge.org/mailman/listinfo/bdrg-members
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/bdrg-members/attachments/20070628/522c9b7d/attachment.html
More information about the Bdrg-members
mailing list