use*_*421 4 authorization ruby-on-rails filter
根据敏捷开发书,我有一个Admin控制用户登录方式的MVC.在ApplicationController,我有一个before_filter检查授权.因此,这将检查用户是否已登录每个页面.
问题是我希望每个人都能够访问该new方法,例如,在用户中(也就是说,任何人都应该能够创建新用户 - 当然!只有管理员用户才能访问UsersController中的其他方法,例如as edit等).最好的方法是什么?
你可以这样做
before_filter :except=>[:method_name] #methods you want to skip filter
要么
before_filter :only=>[:method_name] #methods you want to be filtered before called.
EDITED
before_filter :filter_method, :except=>[:method_name] #methods you want to skip filter
要么
before_filter :filter_method, :only=>[:method_name] #methods you want to be filtered before called.