rails_controller.rb |
|
This guide applies to a Ruby on Rails Controller class. It is part of Jo Hund’s Software Engineering Guide. |
|
class ProjectsController < ApplicationController
|
|
Configuration |
|
First we include other modules. They add new behavior to the controller. We want to know about this right away. |
  include Canable::Permissions
|
Then we define any filters. Order is important here: an earlier before_filter that halts the filter chain prevents subsequent filters from running. If you use caches_action, it is critical to declare your before_filters before the cache directive. Action caching uses around filters. If a before_filter sits further down the filter chain than the cache around filter, that before_filter might never be executed (e.g. one that checks permissions to a resource). |
  before_filter :load_client
  before_filter :require_login
|
Then we provide cache directives. |
  caches_action :index
|
Controller Actions |
|
We keep the order of actions as generated by scaffolding. This makes it easy to find things. |
|
Index action
|
  def index
    enforce_list_permission(Project)
    @projects = Project.all
    respond_to do |format|
      format.html
      format.js
    end
  end
|
Show action
|
  def show
    # Look up the single record through the current user's association.
    @project = current_user.projects.find(params[:id])
    enforce_view_permission(@project)
    respond_to do |format|
      format.html
      format.js
    end
  end
|
New action
|
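  def new
    @project = current_user.projects.build
    enforce_create_permission(@project)
    respond_to do |format|
      format.html
      format.js
    end
  end
|
Edit action
|
  def edit
    # Load through the current user's association and check permission,
    # as update does, before the edit form is rendered.
    @project = current_user.projects.find(params[:id])
    enforce_update_permission(@project)
  end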
|
Create action
|
  def create
    # Build from the submitted attributes, as update does.
    @project = current_user.projects.build(params[:project])
    enforce_create_permission(@project)
    respond_to do |format|
      if @project.save
        flash[:notice] = 'Project was successfully created.'
        format.html { redirect_to(@project) }
        format.js
      else
        format.html { render :action => "new" }
        format.js
      end
    end
  end
|
Update action
|
  def update
    @project = current_user.projects.find(params[:id])
    enforce_update_permission(@project)
    respond_to do |format|
      if @project.update_attributes(params[:project])
        flash[:notice] = 'Project was successfully updated.'
        format.html { redirect_to(@project) }
        format.js
      else
        format.html { render :action => "edit" }
        format.js
      end
    end
  end
|
Destroy action
|
  def destroy
    @project = current_user.projects.find(params[:id])
    enforce_destroy_permission(@project)
    @project.destroy
    respond_to do |format|
      format.html { redirect_to(projects_path) }
      format.js
    end
  end
|
Next are protected actions. The |
  protected
  def a_protected_method
  end
|
And finally are private actions. The |
  private
  def a_private_method
  end
end
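
The filter-ordering caveat in the Configuration section, as an added example that is not part of the original guide: a simplified plain-Ruby model of a filter chain showing that a cache filter declared ahead of the login check serves a cached response without that check ever running. FilterChain, its methods and the sample requests are hypothetical and constructed for illustration; this is not Rails' own implementation.

```ruby
# Simplified model of a controller filter chain (hypothetical, not Rails internals).
# Filters run in declaration order. A before filter halts the chain by returning
# false; the cache filter answers a hit without running anything after it.
class FilterChain
  def initialize
    @filters = []
    @cache = {}
  end

  def before(&check)
    @filters << [:before, check]
    self
  end

  def cache_action
    @filters << [:cache, nil]
    self
  end

  # Returns [status, body] for a request hash { path:, user: }.
  def call(request, index = 0, &action)
    kind, check = @filters[index]
    return [200, action.call(request)] if kind.nil? # end of chain: run the action
    if kind == :before
      return [403, "forbidden"] unless check.call(request)
      return call(request, index + 1, &action)
    end
    # Cache filter: on a hit, filters declared later never run.
    return [200, @cache[request[:path]]] if @cache.key?(request[:path])
    status, body = call(request, index + 1, &action)
    @cache[request[:path]] = body if status == 200
    [status, body]
  end
end

REQUIRE_LOGIN = ->(request) { !request[:user].nil? }
INDEX_ACTION = ->(_request) { "project list" }

# Constructed requests: a logged-in user warms the cache, then an anonymous
# client asks for the same path. Returns the anonymous client's status.
def anonymous_status_after_warm_cache(chain)
  chain.call({ path: "/projects", user: "alice" }, &INDEX_ACTION)
  chain.call({ path: "/projects", user: nil }, &INDEX_ACTION).first
end

# Order the guide recommends: before filter first, then the cache directive.
def guide_order; FilterChain.new.before(&REQUIRE_LOGIN).cache_action; end
# Reversed order: cache directive ahead of the login check.
def reversed_order; FilterChain.new.cache_action.before(&REQUIRE_LOGIN); end
```

With the guide's order the anonymous request is rejected before the cache is consulted; with the reversed order it receives the cached body.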