Module: ActionAccess::ControllerAdditions::ClassMethods

Defined in:
lib/action_access/controller_additions.rb

Instance Method Summary collapse

Instance Method Details

#access_locked?Boolean

Is this controller locked?

Returns:

  • (Boolean) 


11
12
13
14
 
# File 'lib/action_access/controller_additions.rb', line 11

def access_locked?
  filters = _process_action_callbacks.collect(&:filter)
  :validate_access!.in? filters
end

#let(*clearance_levels, permissions) ⇒ Object

Set an access rule for the current controller. It will automatically lock the controller if it wasn’t already.

Parameters

clearance_levels

single clearance level (string or symbol) or list

of them (list of parameters or array), either singular or plural.
Accepts the special keyword +:all+ (every clearance level, even none).
permissions

controller action (string or symbol) or list of them (array).

Accepts the special keyword +:all+ (every action in the controller).

Example:

class ArticlesControler < ApplicationController
  let :admins, :all                           # admins can do anything
  let :editors, :reviewers, [:edit, :update]  # editors and reviewers can edit articles
  let :all, [:index, :show]                   # anyone can view articles

  # ...
end



40
41
42
43
44
45
 
# File 'lib/action_access/controller_additions.rb', line 40

def let(*clearance_levels, permissions)
  lock_access unless access_locked?
  keeper = ActionAccess::Keeper.instance
  clearance_levels = Array(clearance_levels).flatten
  clearance_levels.each { |c| keeper.let c, permissions, self }
end

#lock_access(options = {}) ⇒ Object

Lock actions by default, they won’t be accessible unless authorized. It takes the same options as filter callbacks.



6
7
8
 
# File 'lib/action_access/controller_additions.rb', line 6

def lock_access(options = {})
  before_action :validate_access!, options
end