Module: ActionController::Permittance

Extended by:
ActiveSupport::Concern
Defined in:
lib/action_controller/permittance.rb

Instance Method Summary collapse

Instance Method Details

#permitted_paramsObject



5
6
7
# File 'lib/action_controller/permittance.rb', line 5

def permitted_params
  get_permitted_params_using(permitter)
end

#permitted_params_using(pclass) ⇒ Object



9
10
11
# File 'lib/action_controller/permittance.rb', line 9

def permitted_params_using(pclass)
  get_permitted_params_using(permitter(pclass))
end

#permitter(pclass = permitter_class) ⇒ Object

Returns a new instance of the permitter by initializing it with params, current_user, current_ability.



14
15
16
17
18
19
# File 'lib/action_controller/permittance.rb', line 14

def permitter(pclass = permitter_class)
  pinstance = (@permitter_class_to_permitter ||= {})[pclass]
  return pinstance if pinstance
  current_authorizer_method = ActionController::Permitter.current_authorizer_method ? ActionController::Permitter.current_authorizer_method.to_sym : nil
  @permitter_class_to_permitter[pclass] = pclass.new(params, defined?(current_user) ? current_user : nil, current_authorizer_method && defined?(current_authorizer_method) ? __send__(current_authorizer_method) : nil)
end

#permitter_classObject

Returns the permitter class corresponding to the controller by matching everything in the controller class name other than “Controller” and singularizing the part after any namespace before tacking on Permitter to the name.

e.g. if self.class.name is “A:B:StatusesController”, it would return A::B::StatusPermitter



25
26
27
28
29
30
31
32
33
# File 'lib/action_controller/permittance.rb', line 25

def permitter_class
  # Permitters should be in the same namespace as the controller, like ActiveModel::Serializers are in the same namespace as the model.
  name = self.class.name
  # in Rails 3.2+ could do:
  # namespace = name.deconstantize; "#{namespace}#{namespace.blank? ? '' : '::'}#{name.demodulize.chomp('Controller').singularize}Permitter".constantize
  # Rails < 3.2
  last_index = name.rindex('::')
  "#{last_index ? "#{name[0...(last_index || 0)]}::" : ''}#{(last_index ? name[(last_index+2)..-1] : name).chomp('Controller').singularize}Permitter".constantize
end