On the tutorials I've seen, I always see the Controllers always having the following methods/actions. Not all may be present, but it's always the same gang of characters:
list show new create edit update delete
Is it okay to use my own methods/actions in the controller?
Here's the scenario....
1. User registers on my site, I send an email message to him to validate if his user registration/email address is real or bogus.
2. User clicks on a URL on his email message, with a security token.
3. My app services this request, validates the security token, and updates User record. Display welcome screen.
4. If security token is bad, or user does not exist, then display error screen.
class ValidationController < ApplicationController def update # get validation code from URL, and validate against the database # if matched, set validated_at date and validated to TRUE @user = User.find_by(validation: params[:c]) if @user # user found, then update_attribute (instead of update_attributes) so no model validation performed, i.e. no need to fill-out password and password_confirm fields @user.update_attribute(:validated, true) @user.update_attribute(:validated_at, Time.now) send_welcome_email # display welcome webpage to user render :success else # user not found, probably invalid code or user deleted from database render :fail end end def success end def fail end #------------------ P R I V A T E --------------------------- private def send_welcome_email UserMailer.welcome_email(@user).deliver end end
In my routes.rb, I have
# Validation Pages match '/validate', to: 'validation#update', via: 'get' match '/validation_success', to: 'validation#success', via: 'get' match '/validation_fail', to: 'validation#fail', via: 'get'
Then of course, I have /views/validation/success.html.erb and fail.html.erb for my display pages.
Everything seems to work fine but I just want to make sure I'm not breaking any convention by not using the typical --
Now, if I'm understanding the REST concept correctly, I shouldn't be updating my Model because I used 'GET'... and that one should use POST if you want to update or make changes to the Model record.
But you can't send a POST from clicking on a URL link in an email message. So I definitely broke that rule.
Is there another way of doing this whole scheme?