| 46 | | # * <tt>:params</tt> - a single key or an array of keys that must |
|---|
| 47 | | # be in the <tt>params</tt> hash in order for the action(s) to be safely |
|---|
| 48 | | # called. |
|---|
| 49 | | # * <tt>:session</tt> - a single key or an array of keys that must |
|---|
| 50 | | # be in the <tt>session</tt> in order for the action(s) to be safely called. |
|---|
| 51 | | # * <tt>:flash</tt> - a single key or an array of keys that must |
|---|
| 52 | | # be in the flash in order for the action(s) to be safely called. |
|---|
| 53 | | # * <tt>:method</tt> - a single key or an array of keys--any one of which |
|---|
| 54 | | # must match the current request method in order for the action(s) to |
|---|
| 55 | | # be safely called. (The key should be a symbol: <tt>:get</tt> or |
|---|
| 56 | | # <tt>:post</tt>, for example.) |
|---|
| 57 | | # * <tt>:xhr</tt> - true/false option to ensure that the request is coming |
|---|
| 58 | | # from an Ajax call or not. |
|---|
| 59 | | # * <tt>:add_flash</tt> - a hash of name/value pairs that should be merged |
|---|
| 60 | | # into the session's flash if the prerequisites cannot be satisfied. |
|---|
| 61 | | # * <tt>:add_headers</tt> - a hash of name/value pairs that should be |
|---|
| 62 | | # merged into the response's headers hash if the prerequisites cannot |
|---|
| 63 | | # be satisfied. |
|---|
| 64 | | # * <tt>:redirect_to</tt> - the redirection parameters to be used when |
|---|
| 65 | | # redirecting if the prerequisites cannot be satisfied. You can |
|---|
| 66 | | # redirect either to named route or to the action in some controller. |
|---|
| 67 | | # * <tt>:render</tt> - the render parameters to be used when |
|---|
| 68 | | # the prerequisites cannot be satisfied. |
|---|
| 69 | | # * <tt>:only</tt> - only apply this verification to the actions specified |
|---|
| 70 | | # in the associated array (may also be a single value). |
|---|
| 71 | | # * <tt>:except</tt> - do not apply this verification to the actions |
|---|
| 72 | | # specified in the associated array (may also be a single value). |
|---|
| | 46 | # <tt>:params</tt>:: |
|---|
| | 47 | # a single key or an array of keys that must be in the <tt>params</tt> |
|---|
| | 48 | # hash in order for the action(s) to be safely called. |
|---|
| | 49 | # <tt>:session</tt>:: |
|---|
| | 50 | # a single key or an array of keys that must be in the <tt>session</tt> |
|---|
| | 51 | # in order for the action(s) to be safely called. |
|---|
| | 52 | # <tt>:flash</tt>:: |
|---|
| | 53 | # a single key or an array of keys that must be in the flash in order |
|---|
| | 54 | # for the action(s) to be safely called. |
|---|
| | 55 | # <tt>:method</tt>:: |
|---|
| | 56 | # a single key or an array of keys--any one of which must match the |
|---|
| | 57 | # current request method in order for the action(s) to be safely called. |
|---|
| | 58 | # (The key should be a symbol: <tt>:get</tt> or <tt>:post</tt>, for |
|---|
| | 59 | # example.) |
|---|
| | 60 | # <tt>:xhr</tt>:: |
|---|
| | 61 | # true/false option to ensure that the request is coming from an Ajax |
|---|
| | 62 | # call or not. |
|---|
| | 63 | # <tt>:add_flash</tt>:: |
|---|
| | 64 | # a hash of name/value pairs that should be merged into the session's |
|---|
| | 65 | # flash if the prerequisites cannot be satisfied. |
|---|
| | 66 | # <tt>:add_headers</tt>:: |
|---|
| | 67 | # a hash of name/value pairs that should be merged into the response's |
|---|
| | 68 | # headers hash if the prerequisites cannot be satisfied. |
|---|
| | 69 | # <tt>:redirect_to</tt>:: |
|---|
| | 70 | # the redirection parameters to be used when redirecting if the |
|---|
| | 71 | # prerequisites cannot be satisfied. You can redirect either to named |
|---|
| | 72 | # route or to the action in some controller. |
|---|
| | 73 | # <tt>:render</tt>:: |
|---|
| | 74 | # the render parameters to be used when the prerequisites cannot be satisfied. |
|---|
| | 75 | # <tt>:only</tt>:: |
|---|
| | 76 | # only apply this verification to the actions specified in the associated |
|---|
| | 77 | # array (may also be a single value). |
|---|
| | 78 | # <tt>:except</tt>:: |
|---|
| | 79 | # do not apply this verification to the actions specified in the associated |
|---|
| | 80 | # array (may also be a single value). |
|---|
| 111 | | |
|---|
| 112 | | private :verify_action |
|---|
| | 97 | |
|---|
| | 98 | def prereqs_invalid?(options) # :nodoc: |
|---|
| | 99 | verify_presence_of_keys_in_hash_flash_or_params(options) || |
|---|
| | 100 | verify_method(options) || |
|---|
| | 101 | verify_request_xhr_status(options) |
|---|
| | 102 | end |
|---|
| | 103 | |
|---|
| | 104 | def verify_presence_of_keys_in_hash_flash_or_params(options) # :nodoc: |
|---|
| | 105 | [*options[:params] ].find { |v| params[v].nil? } || |
|---|
| | 106 | [*options[:session]].find { |v| session[v].nil? } || |
|---|
| | 107 | [*options[:flash] ].find { |v| flash[v].nil? } |
|---|
| | 108 | end |
|---|
| | 109 | |
|---|
| | 110 | def verify_method(options) # :nodoc: |
|---|
| | 111 | [*options[:method]].all? { |v| request.method != v.to_sym } if options[:method] |
|---|
| | 112 | end |
|---|
| | 113 | |
|---|
| | 114 | def verify_request_xhr_status(options) # :nodoc: |
|---|
| | 115 | request.xhr? != options[:xhr] unless options[:xhr].nil? |
|---|
| | 116 | end |
|---|
| | 117 | |
|---|
| | 118 | def apply_redirect_to(redirect_to_option) # :nodoc: |
|---|
| | 119 | redirect_to_option.is_a?(Symbol) ? self.send!(redirect_to_option) : redirect_to_option |
|---|
| | 120 | end |
|---|
| | 121 | |
|---|
| | 122 | def apply_remaining_actions(options) # :nodoc: |
|---|
| | 123 | case |
|---|
| | 124 | when options[:render] ; render(options[:render]) |
|---|
| | 125 | when options[:redirect_to] ; redirect_to(apply_redirect_to(options[:redirect_to])) |
|---|
| | 126 | else head(:bad_request) |
|---|
| | 127 | end |
|---|
| | 128 | end |
|---|
