Module: Trust::Controller::TrustInstanceMethods

Defined in:

lib/trust/controller.rb

Instance Method Summary

• #access_control ⇒ Object

  Performs the actual access_control.

• #can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent) ⇒ Boolean

  Tests for current users permissions.

• #load_resource ⇒ Object

  Loads the resource which basically means loading the instance and eventual parent defined through belongs_to.

• #properties ⇒ Object

  Returns the controller Trust::Controller::Properties.

• #resource ⇒ Object

  Returns the Trust::Controller::Resource resource for the controller.

• #set_user ⇒ Object

  Sets the current user.

Instance Method Details

#access_control ⇒ Object

Performs the actual access_control.

This method is triggered as a callback on before_filter

# File 'lib/trust/controller.rb', line 197

def access_control
  Trust::Authorization.authorize!(action_name, resource.instance || resource.klass, resource.parent)
end

#can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent) ⇒ Boolean

Tests for current users permissions.

If access control is not sufficient in controller, you may use this method. Also available as a helper in views.

Examples

+can? :edit+                          # does the current user have permission to edit the current resource? 
                                      # If there is a nested resource, the parent is automatically associated
+can? :edit, @customer+               # does the current user have permission to edit the given customer? 
                                      # Parent is also passed on here.
+can? :edit, @account, @client+       # is current user allowed to edit the account associated with the client?

Returns:

• (Boolean)

# File 'lib/trust/controller.rb', line 212

def can?(action_name, subject = resource.instance || resource.relation.new, parent = resource.parent)
  Trust::Authorization.authorized?(action_name, subject, parent)
end

#load_resource ⇒ Object

Loads the resource which basically means loading the instance and eventual parent defined through belongs_to

This method is triggered as a callback on before_filter See Resource for more information

# File 'lib/trust/controller.rb', line 190

def load_resource
  resource.load
end

#properties ⇒ Object

Returns the controller Trust::Controller::Properties. If no properties are instantiated, it will be instantiated.

Delegated methods

The following methods are delegated to properties. See Trust::Controller::Properties for details

• belongs_to - define one or more associations to parents

• actions - acion definitions outside the restful actions

• model - Redefine the model used in the controller (if it’s name does not match the controller_path)

# File 'lib/trust/controller.rb', line 160

def properties
  self.class.properties
end

#resource ⇒ Object

Returns the Trust::Controller::Resource resource for the controller.

Available as a helper in views. See Resource for relevant methods.

# File 'lib/trust/controller.rb', line 182

def resource
  @resource ||= Trust::Controller::Resource.new(self, self.class.properties, action_name, params, request)
end

#set_user ⇒ Object

Sets the current user. It assumes current_user is defined.

This method is triggered as a callback on before_filter. You may override this method.

Example

def set_user
  Trust::Authorization.user = Thread[:current_user]
end

# File 'lib/trust/controller.rb', line 174

def set_user
  Trust::Authorization.user = current_user
end