Module ActionController::Verification::ClassMethods
In: vendor/rails/actionpack/lib/action_controller/verification.rb

This module provides a class-level method for specifying that certain actions are guarded against being called without certain prerequisites being met. This is essentially a special kind of before_filter.

An action may be guarded against being invoked without certain request parameters being set, or without certain session values existing.

When a verification is violated, values may be inserted into the flash, and a specified redirection is triggered.

Usage:

  class GlobalController < ActionController::Base
    # prevent the #update_settings action from being invoked unless
    # the 'admin_privileges' request parameter exists.
    verify :params => "admin_privileges", :only => :update_post,
           :redirect_to => { :action => "settings" }

    # disallow a post from being updated if there was no information
    # submitted with the post, and if there is no active post in the
    # session, and if there is no "note" key in the flash.
    verify :params => "post", :session => "post", "flash" => "note",
           :only => :update_post,
           :add_flash => { "alert" => "Failed to create your message" },
           :redirect_to => :category_url

Methods

verify  

Public Instance methods

Verify the given actions so that if certain prerequisites are not met, the user is redirected to a different action. The options parameter is a hash consisting of the following key/value pairs:

  • :params: a single key or an array of keys that must be in the params hash in order for the action(s) to be safely called.
  • :session: a single key or an array of keys that must be in the @session in order for the action(s) to be safely called.
  • :flash: a single key or an array of keys that must be in the flash in order for the action(s) to be safely called.
  • :method: a single key or an array of keys—any one of which must match the current request method in order for the action(s) to be safely called. (The key should be a symbol: :get or :post, for example.)
  • :xhr: true/false option to ensure that the request is coming from an Ajax call or not.
  • :add_flash: a hash of name/value pairs that should be merged into the session’s flash if the prerequisites cannot be satisfied.
  • :redirect_to: the redirection parameters to be used when redirecting if the prerequisites cannot be satisfied.
  • :render: the render parameters to be used when the prerequisites cannot be satisfied.
  • :only: only apply this verification to the actions specified in the associated array (may also be a single value).
  • :except: do not apply this verification to the actions specified in the associated array (may also be a single value).

[Source]

    # File vendor/rails/actionpack/lib/action_controller/verification.rb, line 62
62:       def verify(options={})
63:         filter_opts = { :only => options[:only], :except => options[:except] }
64:         before_filter(filter_opts) do |c|
65:           c.send :verify_action, options
66:         end
67:       end

[Validate]