Padrino

Controllers

Custom Conditions

Padrino has support for Sinatra's custom route conditions as well. This allows you to apply custom condition checks to evaluate before a route is executed for an incoming request:

Demo::App.controllers :projects do
  def protect(*args)
    condition {
      unless username == "foo" && password == "bar"
        halt 403, "Not Authorized"
      end
    }
  end

  get "/", :protect => true do
    "Only foo can see this"
  end
end

Conditions can also be specified at the controller and route levels:

# You can specify conditions to run for all routes:
Demo::App.controllers :projects, :conditions => {:protect => true}  do
  def self.protect(protected)
    condition do
      halt 403, "No secrets for you!" unless params[:key] == "s3cr3t"
    end if protected
  end

  # This route will only return "secret stuff" if the user goes to
  # `/private?key=s3cr3t`.
  get("/private") { "secret stuff" }

  # And this one, too!
  get("/also-private") { "secret stuff" }

  # But you can override the conditions for each route as needed.
  # This route will be publicly accessible without providing the
  # secret key.
  get :index, :protect => false do
    "Welcome!"
  end
end

This gives the developer considerable power to construct arbitrarily complex route conditions and apply them to any route within their application.

last updated: 2022-02-22

comments powered by Disqus