Module: SessionOff::ClassMethods
- Defined in:
- lib/session_off.rb
Class Method Summary collapse
Instance Method Summary collapse
-
#session(*args) ⇒ Object
Specify how sessions ought to be managed for a subset of the actions on the controller.
- #session_options_for(request, action) ⇒ Object
Class Method Details
.extended(base) ⇒ Object
36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/session_off.rb', line 36 def self.extended(base) return if base.respond_to?(:session_options_array) if base.respond_to?(:class_attribute) base.class_attribute :session_options_array, :instance_reader => false, :instance_writer => false else base.class_eval do def read_inheritable_attribute(:session_options) end def (array) write_inheritable_array(:session_options, array) end end end end |
Instance Method Details
#session(*args) ⇒ Object
Specify how sessions ought to be managed for a subset of the actions on the controller. Like filters, you can specify :only
and :except
clauses to restrict the subset, otherwise options apply to all actions on this controller.
The session options are inheritable, as well, so if you specify them in a parent controller, they apply to controllers that extend the parent.
Usage:
# turn off session management for all actions.
session :off
# turn off session management for all actions _except_ foo and bar.
session :off, :except => %w(foo bar)
# turn off session management for only the foo and bar actions.
session :off, :only => %w(foo bar)
# the session will only work over HTTPS, but only for the foo action
session :only => :foo, :session_secure => true
# the session by default uses HttpOnly sessions for security reasons.
# this can be switched off.
session :only => :foo, :session_http_only => false
# the session will only be disabled for 'foo', and only if it is
# requested as a web service
session :off, :only => :foo,
:if => Proc.new { |req| req.parameters[:ws] }
# the session will be disabled for non html/ajax requests
session :off,
:if => Proc.new { |req| !(req.format.html? || req.format.js?) }
# turn the session back on, useful when it was turned off in the
# application controller, and you need it on in another controller
session :on
All session options described for ActionController::Base.process_cgi are valid arguments.
94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 |
# File 'lib/session_off.rb', line 94 def session(*args) = args. [:disabled] = false if args.delete(:on) [:disabled] = true unless args.empty? [:only] = [*[:only]].map { |o| o.to_s } if [:only] [:except] = [*[:except]].map { |o| o.to_s } if [:except] if [:only] && [:except] raise ArgumentError, "only one of either :only or :except are allowed" end if self. += [ ] else self. = [ ] end end |
#session_options_for(request, action) ⇒ Object
112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 |
# File 'lib/session_off.rb', line 112 def (request, action) = defined?(ActionController::Base.) ? ActionController::Base..dup : {} if .blank? else = action = action.to_s .each do |opts| next if opts[:if] && ! opts[:if].call(request) if opts[:only] && opts[:only].include?(action) .merge!(opts) elsif opts[:except] && ! opts[:except].include?(action) .merge!(opts) elsif ! opts[:only] && ! opts[:except] .merge!(opts) end end .delete(:only) .delete(:except) .delete(:if) end end |