0
votes

I have two base controller classes: one for the JSON resource API and the other is the Application controller API class. I have to add a before action for a permission check which is applicable to both base classes.

I don't want to repeat the before action code, so I wanted to add it in a common place. If I check their ancestors, I don't see any Rails default common classes between them.

Any suggestions? I also want the current user in context. What would be a good solution to fix this problem?

class BaseResourceController < JSONAPI::ResourceController
  before_action :check_permissions

  def check_permissions
    current_user.permissions
  end
end

class ApplicationController < ActionController::API
  before_action :check_permissions

  def check_permissions
    current_user.permissions
  end
end

ActionController::API.ancestors =>

[ActionController::API, Devise::Controllers::UrlHelpers, Devise::Controllers::Helpers, Devise::Controllers::StoreLocation, Devise::Controllers::SignInOut, ActiveRecord::Railties::ControllerRuntime, ActionDispatch::Routing::RouteSet::MountedHelpers, ActionController::RespondWith, ActionController::ParamsWrapper, ActionController::Instrumentation, ActionController::Rescue, ActionController::DataStreaming, ActionController::ForceSSL, AbstractController::Callbacks, ActiveSupport::Callbacks, ActionController::StrongParameters, ActiveSupport::Rescuable, ActionController::BasicImplicitRender, ActionController::ConditionalGet, ActionController::Head, ActionController::Renderers::All, ActionController::Renderers, ActionController::Rendering, ActionController::ApiRendering, ActionController::Redirecting, ActiveSupport::Benchmarkable, AbstractController::Logger, ActionController::UrlFor, AbstractController::UrlFor, ActionDispatch::Routing::UrlFor, ActionDispatch::Routing::PolymorphicRoutes, AbstractController::Rendering, ActionView::ViewPaths, ActionController::Metal, AbstractController::Base, ActiveSupport::Configurable, ActiveSupport::ToJsonWithActiveSupportEncoder, Object, PP::ObjectMixin, ActiveSupport::Dependencies::Loadable, JSON::Ext::Generator::GeneratorMethods::Object, ActiveSupport::Tryable, Kernel, BasicObject]


JSONAPI::ResourceController.ancestors =>

[JSONAPI::ResourceController, JSONAPI::Callbacks, JSONAPI::ActsAsResourceController, ActionController::Base, Devise::Controllers::UrlHelpers, Devise::Controllers::Helpers, Devise::Controllers::StoreLocation, Devise::Controllers::SignInOut, ActiveRecord::Railties::ControllerRuntime, ActionDispatch::Routing::RouteSet::MountedHelpers, ActionController::RespondWith, ActionController::ParamsWrapper, ActionController::Instrumentation, ActionController::Rescue, ActionController::HttpAuthentication::Token::ControllerMethods, ActionController::HttpAuthentication::Digest::ControllerMethods, ActionController::HttpAuthentication::Basic::ControllerMethods, ActionController::DataStreaming, ActionController::Streaming, ActionController::ForceSSL, ActionController::RequestForgeryProtection, AbstractController::Callbacks, ActiveSupport::Callbacks, ActionController::FormBuilder, ActionController::Flash, ActionController::Cookies, ActionController::ParameterEncoding, ActionController::StrongParameters, ActiveSupport::Rescuable, ActionController::ImplicitRender, ActionController::BasicImplicitRender, ActionController::MimeResponds, AbstractController::Caching, AbstractController::Caching::ConfigMethods, AbstractController::Caching::Fragments, ActionController::Caching, ActionController::EtagWithFlash, ActionController::EtagWithTemplateDigest, ActionController::ConditionalGet, ActionController::Head, ActionController::Renderers::All, ActionController::Renderers, ActionController::Rendering, ActionView::Layouts, ActionView::Rendering, ActionController::Redirecting, ActiveSupport::Benchmarkable, AbstractController::Logger, ActionController::UrlFor, AbstractController::UrlFor, ActionDispatch::Routing::UrlFor, ActionDispatch::Routing::PolymorphicRoutes, ActionController::Helpers, AbstractController::Helpers, AbstractController::AssetPaths, AbstractController::Translation, AbstractController::Rendering, ActionView::ViewPaths, ActionController::Metal, AbstractController::Base, 
ActiveSupport::Configurable, ActiveSupport::ToJsonWithActiveSupportEncoder, Object, PP::ObjectMixin, ActiveSupport::Dependencies::Loadable, JSON::Ext::Generator::GeneratorMethods::Object, ActiveSupport::Tryable, Kernel, BasicObject]


1 Answer

1
votes

One option would be to wrap the permission check logic in a module and include that module in the respective controllers. The permission check implementation then resides in a single file:

# app/controllers/concerns/permission_check.rb
module PermissionCheck
  extend ActiveSupport::Concern

  included do
    before_action :check_permissions
  end

  def check_permissions
    current_user.permissions
  end
end

Now include this in the controllers wherever it is required.

class BaseResourceController < JSONAPI::ResourceController
  include PermissionCheck
end

class ApplicationController < ActionController::API
  include PermissionCheck
end
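
The concern pattern from the answer above, as an added runnable sketch that is not part of the original answer: plain Ruby stands in for Rails, so `MiniController`, `FakeResourceBase`, `FakeApiBase`, `required_permission`, the sample controllers and `User` are all hypothetical. It goes one step past the posted `check_permissions`, which only reads `current_user.permissions`: here the callback renders a 403 unless the permission is held, so the chain halts and a controller that declares no permission is denied.

```ruby
# Plain-Ruby stand-in for the Rails callback chain (assumption: Rails is not loaded).
module MiniController
  def self.included(base); base.extend(ClassMethods); end

  module ClassMethods
    def before_action(name); (@before_actions ||= []) << name; end

    # Callbacks of this class plus those inherited from its superclasses.
    def all_before_actions
      up = superclass.respond_to?(:all_before_actions) ? superclass.all_before_actions : []
      up + (@before_actions || [])
    end
  end

  attr_reader :current_user, :response
  def initialize(current_user); @current_user = current_user; end

  # Run callbacks in order and, like Rails, stop once one has rendered a response.
  def process(action)
    self.class.all_before_actions.each { |cb| send(cb); return response if response }
    @response = [200, public_send(action)]
  end
end

# Hypothetical bases standing in for JSONAPI::ResourceController and ActionController::API.
class FakeResourceBase; include MiniController; end
class FakeApiBase; include MiniController; end

module PermissionCheck
  # Same effect as the `included do ... end` block of ActiveSupport::Concern.
  def self.included(base); base.before_action :check_permissions; end

  # Deny by default: render 403 (which halts the chain) unless the permission is held.
  def check_permissions
    need = required_permission
    ok = current_user && need && Array(current_user.permissions).include?(need)
    @response = [403, "forbidden"] unless ok
  end
  def required_permission; nil; end # controllers override; nil never matches
end

class BaseResourceController < FakeResourceBase; include PermissionCheck; end
class ApplicationController < FakeApiBase; include PermissionCheck; end
class ReportsController < ApplicationController
  def required_permission; :read_reports; end
  def index; "reports"; end
end
class WidgetsController < BaseResourceController # declares no permission
  def index; "widgets"; end
end
User = Struct.new(:permissions) # constructed sample user
```

In a real application the same deny-by-default body goes into the concern's `check_permissions`, using `head :forbidden` or a `render` call to halt the chain.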