I'm not familiar with RoR, but with rocket, to know which requirements needs to be met in order for a handler to run, you just look at the function definition while in other web framework you usually need to know which middlewares are present etc.
Here are couple of examples (didn't test them, but they should illustrate the point):
// Simple with admin user.
#[get("/admin")]
fn admin(user: AdminUser) -> String {
// Request is made as admin user.
format!("Allowed.")
}
#[get("/admin"), rank = 2]
fn admin(user: User) -> String {
// Request is made as a normal user.
format!("Not allowed!")
}
#[get("/admin"), rank = 3]
fn admin(user: AnonymousUser) -> String {
// Request is made as a anonymous user.
format!("Please login.")
}
// More flexable, with permissions.
#[get("/article/<id>/edit")]
fn aritcle_edit(permission: PermissionEditContent, article_id: u64) -> String {
// Request is made with a user that has the correct permission.
format!("Allowed.")
}
#[get("/article/<id>/edit"), rank = 2]
fn aritcle_edit(article_id: u64) -> String {
// Request is made with a user that doesn't have the correct permission.
format!("Not allowed!")
}
// Or in single handler.
#[get("/article/<id>/edit")]
fn aritcle_edit(permission: Option<PermissionEditContent>, article_id: u64) -> String {
if permissions.is_some() {
format!("Allowed.")
} else {
format!("Not allowed!")
}
}
This is just one of the nice things that rocket brings. To know more, the guide is really good source: https://rocket.rs/v0.4/guide/.
Here are couple of examples (didn't test them, but they should illustrate the point):
This is just one of the nice things that rocket brings. To know more, the guide is really good source: https://rocket.rs/v0.4/guide/.