Module: Trust::Controller::TrustInstanceMethods
- Defined in:
- lib/trust/controller.rb
Instance Method Summary collapse
-
#access_control ⇒ Object
Performs the actual access_control.
-
#can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent) ⇒ Boolean
Tests for current users permissions.
-
#load_resource ⇒ Object
Loads the resource which basically means loading the instance and eventual parent defined through
belongs_to
. -
#properties ⇒ Object
Returns the controller Trust::Controller::Properties.
-
#resource ⇒ Object
Returns the Trust::Controller::Resource resource for the controller.
-
#set_user ⇒ Object
Sets the current user.
Instance Method Details
#access_control ⇒ Object
Performs the actual access_control.
This method is triggered as a callback on before_filter
197 198 199 |
# File 'lib/trust/controller.rb', line 197 def access_control Trust::Authorization.(action_name, resource.instance || resource.klass, resource.parent) end |
#can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent) ⇒ Boolean
Tests for current users permissions.
If access control is not sufficient in controller, you may use this method. Also available as a helper in views.
Examples
+can? :edit+ # does the current user have permission to edit the current resource?
# If there is a nested resource, the parent is automatically associated
+can? :edit, @customer+ # does the current user have permission to edit the given customer?
# Parent is also passed on here.
+can? :edit, @account, @client+ # is current user allowed to edit the account associated with the client?
212 213 214 |
# File 'lib/trust/controller.rb', line 212 def can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent) Trust::Authorization.(action_name, subject, parent) end |
#load_resource ⇒ Object
Loads the resource which basically means loading the instance and eventual parent defined through belongs_to
This method is triggered as a callback on before_filter
See Resource for more information
190 191 192 |
# File 'lib/trust/controller.rb', line 190 def load_resource resource.load end |
#properties ⇒ Object
Returns the controller Trust::Controller::Properties. If no properties are instantiated, it will be instantiated.
Delegated methods
The following methods are delegated to properties. See Trust::Controller::Properties for details
-
belongs_to
- define one or more associations to parents -
actions
- acion definitions outside the restful actions -
model
- Redefine the model used in the controller (if it’s name does not match the controller_path)
160 161 162 |
# File 'lib/trust/controller.rb', line 160 def properties self.class.properties end |
#resource ⇒ Object
Returns the Trust::Controller::Resource resource for the controller.
Available as a helper in views. See Resource for relevant methods.
182 183 184 |
# File 'lib/trust/controller.rb', line 182 def resource @resource ||= Trust::Controller::Resource.new(self, self.class.properties, action_name, params, request) end |
#set_user ⇒ Object
Sets the current user. It assumes current_user
is defined.
This method is triggered as a callback on before_filter
. You may override this method.
Example
def set_user
Trust::Authorization.user = Thread[:current_user]
end
174 175 176 |
# File 'lib/trust/controller.rb', line 174 def set_user Trust::Authorization.user = current_user end |