Class: BentoSearch::SearchController

Inherits:
BentoSearchController show all
Defined in:
app/controllers/bento_search/search_controller.rb

Overview

This is a controller that provides stand-alone search results for registered engines. Right now, this is only for automatic AJAX delayed loading. In the future it may be used for atom results, or other such.

You need to make sure to include routing for this controller in your app to use it, for instance with ‘BentoSearch::Routes.new(self).draw` in your ./config/routes.rb

# Authorization Issues

You may have some engines which should not be publically searchable, they should only be searchable by certain auth’d users. This controller could accidentally provide a non-protected endpoint to get results if nothing were done to prevent it.

Only engines which have a :allow_routable_results => true key in their config will be served by this controller.

If you need routable results on an engine which ALSO needs to be protected by auth, you can add your own Rails before_filter to provide auth. Say, in an initializer in your app:

SearchController.before_filter do |controller|
  unless controller.current_user
     raise BentoSearch::SearchController::AccessDenied
  end
end

We may provide fancier/nicer API for this in the future, if there’s demand.

Defined Under Namespace

Classes: AccessDenied

Instance Method Summary collapse

Instance Method Details

#searchObject

returns partial HTML results, suitable for AJAX to insert into DOM. arguments for engine.search are taken from URI request params, whitelisted



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# File 'app/controllers/bento_search/search_controller.rb', line 44

def search
  engine  =  BentoSearch.get_engine(params[:engine_id])
  # put it in an iVar mainly for testing purposes.
  @engine = engine


  unless engine.configuration.allow_routable_results == true
    raise AccessDenied.new("engine needs to be registered with :allow_routable_results => true")
  end

  @results         = engine.search safe_search_args(engine, params)
  # template name of a partial with 'yield' to use to wrap the results
  @partial_wrapper = @results.display_configuration.lookup!("ajax.wrapper_template")

  # partial HTML results
  render "bento_search/search/search", :layout => false

end