rails action controller

default_url_options

class ApplicationController < ActionController::Base
  # The options parameter is the hash passed in to 'url_for'
  def default_url_options(options)
    {:locale => I18n.locale}
  end
end

These options will be used as a starting-point when generating URLs, so it’s possible they’ll be overridden by url_for.

class ApplicationController < ActionController::Base
  before_filter :require_login
 
  private
 
  def require_login
    unless logged_in?
      flash[:error] = "You must be logged in to access this section"
      redirect_to new_login_url # halts request cycle
    end
  end
 
  # The logged_in? method simply returns true if the user is logged
  # in and false otherwise. It does this by "booleanizing" the
  # current_user method we created previously using a double ! operator.
  # Note that this is not common in Ruby and is discouraged unless you
  # really mean to convert something into true or false.
  def logged_in?
    !!current_user
  end
end

class LoginsController < ApplicationController
  skip_before_filter :require_login, :only => [:new, :create]
end

class ApplicationController < ActionController::Base
  around_filter :catch_exceptions
 
  private
 
  def catch_exceptions
    yield
  rescue => exception
    logger.debug "Caught exception! #{exception}"
    raise
  end
end

Other Ways to Use Filters

class ApplicationController < ActionController::Base
  before_filter do |controller|
    redirect_to new_login_url unless controller.send(:logged_in?)
  end
end

Note that the filter in this case uses send because the logged_in? method is private and the filter is not run in the scope of the controller. This is not the recommended way to implement this particular filter, but in more simple cases it might be useful.

class ApplicationController < ActionController::Base
  before_filter LoginFilter
end
 
class LoginFilter
  def self.filter(controller)
    unless controller.send(:logged_in?)
      controller.flash[:error] = "You must be logged in"
      controller.redirect_to controller.new_login_url
    end
  end
end

Verification

class LoginsController < ApplicationController
  verify :params => [:username, :password],
         :render => {:action => "new"},
         :add_flash => {
           :error => "Username and password required to log in"
         }
 
  def create
    @user = User.authenticate(params[:username], params[:password])
    if @user
      flash[:notice] = "You're logged in"
      redirect_to root_url
    else
      render :action => "new"
    end
  end
end

class LoginsController < ApplicationController
  verify :params => [:username, :password],
         :render => {:action => "new"},
         :add_flash => {
           :error => "Username and password required to log in"
         },
         :only => :create # Run only for the "create" action
end

rescue_from

When an exception occurs which is caught by a rescue_from directive, the exception object is passed to the handler. The handler can be a method or a Proc object passed to the :with option. You can also use a block directly instead of an explicit Proc object.

class ApplicationController < ActionController::Base
  rescue_from ActiveRecord::RecordNotFound, :with => :record_not_found
 
  private
 
  def record_not_found
    render :text => "404 Not Found", :status => 404
  end
end

class ApplicationController < ActionController::Base
  rescue_from User::NotAuthorized, :with => :user_not_authorized
 
  private
 
  def user_not_authorized
    flash[:error] = "You don't have access to this section."
    redirect_to :back
  end
end
 
class ClientsController < ApplicationController
  # Check that the user has the right authorization to access clients.
  before_filter :check_authorization
 
  # Note how the actions don't have to worry about all the auth stuff.
  def edit
    @client = Client.find(params[:id])
  end
 
  private
 
  # If the user is not authorized, just throw the exception.
  def check_authorization
    raise User::NotAuthorized unless current_user.admin?
  end
end