What would be the best way to go about giving users the ability to share a private link that enables anyone who clicks it to view a certain page/document/item that has privacy restrictions in place?

In my case:

A user creates events which are limited to certain groups of relationships in the database (namely: friends, friends of friends, etc.). I have a :before_filter in the event controller that checks the eligibility of the currently logged-in user to make sure that that user has permission to see the event. If they don't, they get booted to the root page with an error message.

However, I want a special scenario to exist where a user can create an event with those same privacy settings and IN ADDITION, be able to share a special link with his or her friends via e-mail, Facebook, etc. Those users do NOT need an account (but will need to make one in order to sign up for the event). This is important because there is also a :before_filter in the application_controller which makes sure a user is logged in.

I'm thinking there is something I could do with routing here... Right now I just have the simple /events/72 setup. Should each event have two different links: a normal one, and a "special code" version which enables them to bypass those two :before_filter?

What are people's thoughts?

+1  A: 

I would have a separate controller that uses a hash value to reference the event.

Something simple like the created_at + user_id hashed to create a unique reference.

You could also simply skip the check on a certain action, but I would much prefer the first solution.

David Lyod
Thanks! I'm going to try it out.
Jack
+1  A: 

I agree with David Lyod's answer (separating this concern in a different controller).

But for creating the hash, I strongly recommend salting the hash with some secret phrase.

Digest::MD5.hexdigest("#{created_at}#{user_id}.mysupersonicsecretSALT")

Doing this, it is not possible, without the knowledge of the secret phrase, to calculate the hashes and test them against your system until it hits an existing one. If you're handling sensitive data, you should not be lazy.

Cheers,

Lukas

Overbryd
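
The keyed-hash idea from the answers above, as an added example that is not part of the original thread: it swaps the MD5 concatenation for HMAC-SHA256 and compares tokens in constant time. `SHARE_SECRET`, `share_token`, `secure_compare`, `share_link_valid?` and the sample event are assumptions constructed for illustration.

```ruby
require 'openssl'

# Constructed demo value (assumption). In a real app the secret is loaded
# from configuration and never committed to source control.
SHARE_SECRET = 'constructed-demo-secret'

# Hypothetical helper: derive the share token from the fields the answers
# mention (created_at, user_id) plus the event id, keyed with the secret.
# Binding the event id means a token for one event never opens another.
def share_token(event_id, user_id, created_at, secret = SHARE_SECRET)
  message = [event_id, user_id, created_at.to_i].join(':')
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), secret, message)
end

# Constant-time comparison: every byte is examined, so response timing
# does not reveal how much of a guessed token was correct.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# What the separate "shared link" controller would call before rendering
# the event to a visitor who is not logged in.
def share_link_valid?(event, presented_token, secret = SHARE_SECRET)
  return false unless presented_token.is_a?(String)
  expected = share_token(event[:id], event[:user_id], event[:created_at], secret)
  secure_compare(expected, presented_token)
end

# Constructed sample event standing in for a database record.
EVENT = { id: 72, user_id: 5, created_at: Time.utc(2010, 3, 1, 12, 0, 0) }.freeze

if __FILE__ == $PROGRAM_NAME
  token = share_token(EVENT[:id], EVENT[:user_id], EVENT[:created_at])
  puts "share path: /shared_events/#{EVENT[:id]}/#{token}"
  puts "valid:      #{share_link_valid?(EVENT, token)}"
  puts "guessed:    #{share_link_valid?(EVENT, '0' * 64)}"
end
```

Rotating the secret invalidates every link issued so far, which also serves as a way to revoke shared links in bulk.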