How can I send a parameter to a before filter?

Question

I\'d like to create a before_filter method in my application controller like this...

def check_role(role_name)
  unless logged_in_user.has_role? role_name
    fl         


        

Answer 1

am I trying to drive a screw with a hammer?

Er, possibly ;-)

If I'm reading this correctly, you have a situation where actions within a controller have different access levels, so you want to remove the duplication by creating a single check function?

So you're looking to do something like this?

before_filter :check_role('admin'), :only => [:admin, :debug]
before_filter :check_role('power'), :only => [:edit, :delete]

But the parameter in parens thing is not legal. And anyway, I still see a fair bit of duplication here!

In general, with an area of functionality as well-visited as controller filters, if you can't do something, it's probably because you're looking at something the wrong way. (Remember that Rails is proud to describe itself as "opinionated software"!)

How would it be if you were able to know the action name in your filter method?

Then we'd have

before_filter :check_role

Which is pretty DRY.

We could define permissions in a Hash, perhaps:

Perms = { :admin => ['admin'], :edit => ['admin', 'power'], etc

... which seem to encapsulate the distinct elements of the duplication. If it got complex then the whole thing could move off into a table, although then you're probably duplicating functionality already available in a plugin.

And we'd have

protected
def check_role
  for required_role in Perms[params[:action]]
    return if logged_in_user.has_role? required_role
  end
  flash[:notice] = 'Access to that area requires additional privileges.'
  redirect_to :back
end

Or something similar. params[:action] works on my current Rails version (2.1.2), although the Rails book (v2) mentions an action_name method that seems to return blank for me.