Agile Web Development with Rails, Edition 4


13.3 Iteration H3: Limiting Access

edit app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  before_filter :authorize
 
    # ...
 
  protected
 
    def authorize
      unless User.find_by_id(session[:user_id])
        redirect_to login_url, :notice => "Please log in"
      end
    end
end
edit app/controllers/sessions_controller.rb
class SessionsController < ApplicationController
  skip_before_filter :authorize
  # ...
end
edit app/controllers/store_controller.rb
class StoreController < ApplicationController
  skip_before_filter :authorize
  # ...
end
edit app/controllers/carts_controller.rb
class CartsController < ApplicationController
  # :only takes controller action names, not HTTP verbs: the action is destroy
  skip_before_filter :authorize, :only => [:create, :update, :destroy]
  # ...
end
 
edit app/controllers/line_items_controller.rb
class LineItemsController < ApplicationController
  skip_before_filter :authorize, :only => :create
  # ...
end
 
edit app/controllers/orders_controller.rb
class OrdersController < ApplicationController
  skip_before_filter :authorize, :only => [:new, :create]
  # ...
end
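
An added example, not code from the book: a small Ruby audit that reads skip_before_filter lines like the ones above and reports which actions are reachable without logging in, plus any :only entry that names no action (Rails 3 ignores such a name silently). The ACTIONS table (scaffold defaults) and the sample source containing a :delete entry are assumptions constructed for this illustration.

```ruby
# Added example (not the book's code): audit which actions skip :authorize.
# ACTIONS is an assumption (Rails scaffold defaults); the page does not list them.
SCAFFOLD = %w[index show new edit create update destroy].freeze

ACTIONS = {
  "SessionsController"  => %w[new create destroy],
  "StoreController"     => %w[index],
  "CartsController"     => SCAFFOLD,
  "LineItemsController" => SCAFFOLD,
  "OrdersController"    => SCAFFOLD,
  "ProductsController"  => SCAFFOLD,
  "UsersController"     => SCAFFOLD
}.freeze

# Constructed sample input: skip lines as a reviewer might find them, including
# an :only entry (:delete) that names an HTTP verb rather than an action.
SOURCES = <<~RUBY
  class SessionsController < ApplicationController
    skip_before_filter :authorize
  class StoreController < ApplicationController
    skip_before_filter :authorize
  class CartsController < ApplicationController
    skip_before_filter :authorize, :only => [:create, :update, :delete]
  class LineItemsController < ApplicationController
    skip_before_filter :authorize, :only => :create
  class OrdersController < ApplicationController
    skip_before_filter :authorize, :only => [:new, :create]
  class ProductsController < ApplicationController
  class UsersController < ApplicationController
RUBY

def audit(source, actions)
  report = Hash.new { |h, k| h[k] = { :public => [], :unknown => [] } }
  current = nil
  source.each_line do |line|
    if line =~ /^\s*class\s+(\w+)\s*</
      current = $1
      report[current] # a controller with no skip line stays fully protected
    elsif current && line =~ /skip_before_filter\s+:authorize(.*)$/
      opts, known = $1, actions.fetch(current, [])
      named = (opts =~ /:only\s*=>\s*(.+)/) ? $1.scan(/:(\w+)/).flatten : known
      report[current][:public]  |= named & known   # reachable without login
      report[current][:unknown] |= named - known   # names matching no action
    end
  end
  report
end

audit(SOURCES, ACTIONS).each { |name, r| puts "#{name}: #{r.inspect}" }
```

Only the bare form and the :only option used on this page are parsed; an :except option would need its own branch.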
 
edit app/views/layouts/application.html.erb
<!DOCTYPE html>
<html>
<head>
  <title>Pragprog Books Online Store</title>
  <%= stylesheet_link_tag "scaffold" %>
  <%= stylesheet_link_tag "depot", :media => "all" %>
  <%= javascript_include_tag :defaults %>
  <%= csrf_meta_tag %>
</head>
<body id="store">
  <div id="banner">
    <%= image_tag("logo.png") %>
    <%= @page_title || "Pragmatic Bookshelf" %>
  </div>
  <div id="columns">
    <div id="side">
      <% if @cart %>
        <%= hidden_div_if(@cart.line_items.empty?, :id => "cart") do %>
          <%= render @cart %>
        <% end %>
      <% end %>
 
      <a href="http://www....">Home</a><br />
      <a href="http://www..../faq">Questions</a><br />
      <a href="http://www..../news">News</a><br />
      <a href="http://www..../contact">Contact</a><br />
 
      <% if session[:user_id] %>
        <br />
        <%= link_to 'Orders',   orders_path   %><br />
        <%= link_to 'Products', products_path %><br />
        <%= link_to 'Users',    users_path    %><br />
        <br />
        <%= button_to 'Logout', logout_path, :method => :delete   %>
      <% end %>
    </div>
    <div id="main">
      <%= yield %>
    </div>
  </div>
</body>
</html>
get /admin

Welcome

It's Sun Jun 06 09:00:25 -0400 2010 We have 101 orders.
post /logout
You are being redirected.
get http://localhost:3000/
Home
Questions
News
Contact

Logged out

Your Pragmatic Catalog

Debug

Debug It!

Professional programmers develop a knack of unerringly zeroing in on the root cause of a bug. They can do that because they've written a lot of buggy code and then gained experience fixing it. This book captures all this experience -- use it, and you'll find you write fewer bugs, and the ones you do write will become easier to hunt down.

$34.95
Ruby

Programming Ruby 1.9

Ruby is the fastest growing and most exciting dynamic language out there. If you need to get working programs delivered fast, you should add Ruby to your toolbox.

$49.50
Wd4d

Web Design for Developers

Web Design for Developers will show you how to make your web-based application look professionally designed. We'll help you learn how to pick the right colors and fonts, avoid costly interface and accessibility mistakes -- your application will really come alive. We'll also walk you through some common Photoshop and CSS techniques and work through a web site redesign, taking a new design from concept all the way to implementation.

$42.95
get /
Home
Questions
News
Contact

Your Pragmatic Catalog

Debug

Debug It!

Professional programmers develop a knack of unerringly zeroing in on the root cause of a bug. They can do that because they've written a lot of buggy code and then gained experience fixing it. This book captures all this experience -- use it, and you'll find you write fewer bugs, and the ones you do write will become easier to hunt down.

$34.95
Ruby

Programming Ruby 1.9

Ruby is the fastest growing and most exciting dynamic language out there. If you need to get working programs delivered fast, you should add Ruby to your toolbox.

$49.50
Wd4d

Web Design for Developers

Web Design for Developers will show you how to make your web-based application look professionally designed. We'll help you learn how to pick the right colors and fonts, avoid costly interface and accessibility mistakes -- your application will really come alive. We'll also walk you through some common Photoshop and CSS techniques and work through a web site redesign, taking a new design from concept all the way to implementation.

$42.95
get /products
You are being redirected.
get http://localhost:3000/login
Please Log In
get /login
Please Log In
post /login
You are being redirected.
get http://localhost:3000/admin

Welcome

It's Sun Jun 06 09:00:28 -0400 2010 We have 101 orders.
get /products

Listing products

Debug
Debug It!
Professional programmers develop a knack of unerringly zeroing in on...
Show
Edit
Destroy
Ruby
Programming Ruby 1.9
Ruby is the fastest growing and most exciting dynamic language out ...
Show
Edit
Destroy
Wd4d
Web Design for Developers
Web Design for Developers will show you how to make your web-b...
Show
Edit
Destroy

New product
get /users

Listing users

Name
dave Show Edit Destroy

New User
