Home/ Questions/Q 8623955
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T07:24:25+00:00

I started working through the tutorial at railstutorial.org to get exposure to the framework.

  • 0

I started working through the tutorial at railstutorial.org
to get exposure to the framework. My controllers aren’t monstrous yet, but I can
see that Single Responsibility Principal(SRP) isn’t being applied throughout the tutorial, as it extends beyond the scope of the tutorial.

I’ve got this relatively simple controller here. I can already see different concerns (e.g. authentication and authorization) leaking into this controller, which contains too many actions to begin with. This assigns too many actions to one controller.
I stumbled upon rails focused controllers which solves one of these issues
and looks quite interesting.

Is this a common solution? Or are better solutions available?

In the .net world, we tend to use aspect oriented programming(AOP) to
achieve a cleaner Separation of Concerns (SoC). However, recently a few guys have written a new front controller framework called Fubu Behaviours. It captures the idea of a request pipeline nicely. Something that makes more and more sense to me.

In order to handle a request we tend to go through a few steps before (and sometimes
after) the action is executed. In some cases, conditionally ending the request. It seems natural to use something like behaviors, a pipeline or a russian dolls pattern.
So that each link in the chain is responsible for either continuation or cessation. Inheritance doesn’t seem to be the best solution.

Is there anything similar to that in rails? Would it make sense in rails?

Recommended readings will be just as well welcome!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I agree with you that having those authorization functions like is_admin and correct_user are a bit of a code smell. I would remove them and handle it a bit better with a gem I often use called CanCan.

    It allows you to move all authorization rules out of your controllers into a manifest (i.e. the Ability model), only requiring your controllers to initiate the authorization check through authorize_resource call in your controller. Then you can handle simple redirects in your ApplicationController:

    class ApplicationController < ActionController::Base
  rescue_from CanCan::AccessDenied do |exception|
    if current_user
      redirect_to signin_url, :alert => exception.message
    else
      redirect_to root_path, :alert => exception.message
    end
  end
end

    Other than that, I would move all the @user = User.find(params[:id]) calls into a before_filter, and clean up your indenting and your action ordering (should be index,new, create, show, edit, update, destroy) and I think your controller would be nice and skinny.

    • 0