Module: Trust::Controller::ClassMethods
- Defined in:
- lib/trust/controller.rb
Instance Method Summary collapse
-
#access_control(*args) ⇒ Object
Enable or disable
before_filtercallback for setting the access control, i.e. -
#load_resource(*args) ⇒ Object
Enable or disable
before_filtercallback for setting the loading resource. -
#properties ⇒ Object
Returns the controller Trust::Controller::Properties.
-
#set_user(*args) ⇒ Object
Enable or disable
before_filtercallback for setting the current user. -
#trustee(*args) ⇒ Object
Enables authorization in controller.
Instance Method Details
#access_control(*args) ⇒ Object
Enable or disable before_filter callback for setting the access control, i.e. verifying permissions for the logged in user
Arguments:
+:off+ - switch callback off
+:only+ - only include these actions
+:except+ - except these actions
134 135 136 |
# File 'lib/trust/controller.rb', line 134 def access_control(*args) _filter_setting(:access_control, *args) end |
#load_resource(*args) ⇒ Object
Enable or disable before_filter callback for setting the loading resource
Arguments:
+:off+ - switch callback off
+:only+ - only include these actions
+:except+ - except these actions
123 124 125 |
# File 'lib/trust/controller.rb', line 123 def load_resource(*args) _filter_setting(:load_resource, *args) end |
#properties ⇒ Object
Returns the controller Trust::Controller::Properties. If no properties are instantiated, it will be instantiated
Delegated methods
The following methods are delegated to properties. See Trust::Controller::Properties for details
-
belongs_to- define one or more associations to parents -
actions- acion definitions outside the restful actions -
model- Redefine the model used in the controller (if it’s name does not match the controller_path)
46 47 48 |
# File 'lib/trust/controller.rb', line 46 def properties @properties ||= Trust::Controller::Properties.instantiate(self) end |
#set_user(*args) ⇒ Object
Enable or disable before_filter callback for setting the current user
Arguments:
+:off+ - switch callback off
+:only+ - only include these actions
+:except+ - except these actions
112 113 114 |
# File 'lib/trust/controller.rb', line 112 def set_user(*args) _filter_setting(:set_user, *args) end |
#trustee(*args) ⇒ Object
Enables authorization in controller
trustee accepts :off or a hash of callback options such as :except and :only
trustee automatically calls the class methods: set_user, load_resource and access_control trustee accepts :off for set_user, load_resource and access_control individually
trustee will raise an Trust::AccessDenied exception if the user is not permitted the action
Examples
# enable permission check for all restful actions
class AccountsController < ApplicationController
login_required
trustee
end
# disable all permission check
class PasswordController < ApplicationController
# assuming login_required and trustee has been in your application controller
trustee :off
end
# enable permission check and loading for only :new and :create action
class AccountsController < ApplicationController
login_required
trustee :only => [:new, :create]
end
# enable permission check for all restful actions, but without loading resources
class AccountsController < ApplicationController
login_required
trustee :load_resource => :off
model :objects
end
Caching Trust::AccessDenied exception
Normally an exception handler is included in the ApplicationController. Example:
class ApplicationController < ActionController::Base
rescue_from Trust::AccessDenied do |exception|
redirect_to root_url, :alert => exception.
end
end
95 96 97 98 99 100 101 102 103 |
# File 'lib/trust/controller.rb', line 95 def trustee(*args) module_eval do include TrustInstanceMethods set_user *args load_resource *args access_control *args helper_method :can?, :resource, :resource? end end |