Controlling Access
The Automated Machine
Dr. Hanson: Now the store owner can access all the data he needs, but it would be great if customers could as well.
Dave: But we can't let them directly access the data, they wouldn't know what to do. And some customers could mess up the data!
Dr. Hanson: That's right, we need to develop a way to control access to make it easier for users and restrict what they can do...
In Rails
The admin or developer of a site can use a terminal to directly access an application's data. To open up the site to others (and non-developers), we need to control access, which is what the Controller is for. It takes in requests and communicates with the Model to get the actual data. The "Routes" map URLs to specific Controllers and Actions.
For example, let's say a user enters http://example.com/products/7 into his address bar. This will send an HTTP GET request to example.com. (See How the Web Works.) The routes will map the request to the Product controller and pass it the parameter ID with a value of 7. The controller will then be able to use that to get Product #7 from the model and return it to the user.
Right now we're just dealing with plain data, but next we'll see how web pages are created.
Try it Out
Go back to the your Rails project on Runnable. Click on "Run" to run the website in a new tab. Go to the URL box on top and enter /products/1
at the end of it. This should show the first product.
When you entered products/1
as the URL, the routes sent your request to the products controller to show product #1. Next, we'll find out how the actual pages are displayed on a website.