Dancan

Installation

Add 'dancan' to your Gemfile:

# Gemfile entry that pulls in the Dancan module used by the controllers below.
# NOTE(review): no version constraint is given here; consider adding one and
# committing Gemfile.lock so the authorization code in use is the reviewed one.
gem 'dancan'

Include Dancan in your application controller:

class ApplicationController < ActionController::Base
  include Dancan
  protect_from_forgery

  # Class-level macro that registers a before_filter running the role check.
  #
  # roles   - list of role symbols handed to the instance-level restrict_access.
  # options - optional before_filter options (for example :only / :except);
  #           when omitted the filter applies to every action of the controller.
  #
  # The filter exists only in controllers that call this macro: a controller
  # that never calls restrict_access has no role check at all.
  #
  # NOTE(review): the call inside the block is the instance-level
  # restrict_access, presumably provided by Dancan; confirm against the gem.
  def self.restrict_access(roles, options=nil)
    role_check = proc { restrict_access(:roles, roles) }
    return before_filter(&role_check) unless options

    before_filter(options, &role_check)
  end

end

Policies

In app/policies/role_policy.rb

# Policy object answering, per role, whether the current admin holds that role.
#
# The Struct members are never populated because initialize does not call
# super; the attr_reader methods below replace the Struct accessors and read
# the instance variables instead.
class RolePolicy < Struct.new(:current_admin, :roles)
  attr_reader :current_admin, :roles

  # current_admin - object responding to has_any_role?(role).
  # policy        - accepted but not used by this class.
  #
  # NOTE(review): @roles is never assigned, so the roles reader always returns
  # nil; every decision below rests on current_admin.has_any_role? alone.
  def initialize(current_admin, policy)
    @current_admin = current_admin
  end

  # One predicate per role, each delegating to current_admin.has_any_role?.
  # A role needs an entry here before it can be answered by this policy.
  [:customer_care, :culinary_ops, :fulfillment_ops].each do |role|
    define_method(role) { current_admin.has_any_role?(role) }
  end

end

Controller

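In your controller, call restrict_access with the list of roles. Pass an optional second parameter (:only or :except) to limit the restriction to specific actions; omit it to restrict the entire controller. A controller that never calls restrict_access is not restricted at all.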

# Restrict only the su action to customer_care and fulfillment_ops.
# Every other action, including any added later, stays unrestricted.
  restrict_access [:customer_care, :fulfillment_ops], only: [:su]

# Restrict every action except su to customer_care and fulfillment_ops.
# Actions added later are restricted by default; su itself gets no role check.
  restrict_access [:customer_care, :fulfillment_ops], except: [:su]

# Restrict the entire controller to customer_care and fulfillment_ops.
  restrict_access [:customer_care, :fulfillment_ops]

Rescuing a denied Authorization in Rails

When access is denied, Dancan raises Dancan::NotAuthorizedError, which you can handle with rescue_from in your ApplicationController. You can override the user_not_authorized method in any controller.

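class ApplicationController < ActionController::Base
  protect_from_forgery
  include Dancan

  # Route every Dancan::NotAuthorizedError raised during a request to
  # user_not_authorized instead of letting it surface as an error page.
  rescue_from Dancan::NotAuthorizedError, with: :user_not_authorized

  private

  # Responds to a denied authorization: sets the "Access Denied." flash alert
  # and redirects to the referring page when it belongs to this application,
  # otherwise to root_path. Override in a controller to customize the response.
  def user_not_authorized
    flash[:alert] = "Access Denied."
    redirect_to(same_site_referrer || root_path)
  end

  # Returns the Referer URL only when it starts with this request's own
  # scheme, host and port; returns nil otherwise.
  #
  # The Referer header is supplied by the client, so redirecting to it
  # unchecked would send the user to whatever external page linked here.
  # The trailing "/" keeps look-alike hosts that merely begin with this host
  # name from matching.
  #
  # NOTE(review): behind a proxy that rewrites the host, same-site referrers
  # may not match and will fall back to root_path; confirm for your deployment.
  def same_site_referrer
    referrer = request.referrer.to_s
    referrer if referrer.start_with?("#{request.protocol}#{request.host_with_port}/")
  end
end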

License

Licensed under the MIT license, see the separate LICENSE.txt file.