Module: Trust::Controller::ClassMethods

Defined in:

lib/trust/controller.rb

Instance Method Summary

• #access_control(*args) ⇒ Object

  Enable or disable before_filter callback for setting the access control, i.e.

• #load_resource(*args) ⇒ Object

  Enable or disable before_filter callback for setting the loading resource.

• #properties ⇒ Object

  Returns the controller Trust::Controller::Properties.

• #set_user(*args) ⇒ Object

  Enable or disable before_filter callback for setting the current user.

• #trustee(*args) ⇒ Object

  Enables authorization in controller.

Instance Method Details

#access_control(*args) ⇒ Object

Enable or disable before_filter callback for setting the access control, i.e. verifying permissions for the logged in user

Arguments:

:off - switch callback off :only - only include these actions :except - except these actions

# File 'lib/trust/controller.rb', line 126

def access_control(*args)
  _filter_setting(:access_control, *args)
end

#load_resource(*args) ⇒ Object

Enable or disable before_filter callback for setting the loading resource

Arguments:

:off - switch callback off :only - only include these actions :except - except these actions

# File 'lib/trust/controller.rb', line 115

def load_resource(*args)
  _filter_setting(:load_resource, *args)
end

#properties ⇒ Object

Returns the controller Trust::Controller::Properties. If no properties are instantiated, it will be instantiated

Delegated methods

The following methods are delegated to properties. See Trust::Controller::Properties for details

• belongs_to - define one or more associations to parents
• actions - acion definitions outside the restful actions
• model - Redefine the model used in the controller (if it's name does not match the controller_path)

# File 'lib/trust/controller.rb', line 46

def properties
  @properties ||= Trust::Controller::Properties.instantiate(self)
end

#set_user(*args) ⇒ Object

Enable or disable before_filter callback for setting the current user

Arguments:

:off - switch callback off :only - only include these actions :except - except these actions

# File 'lib/trust/controller.rb', line 104

def set_user(*args)
  _filter_setting(:set_user, *args)
end

#trustee(*args) ⇒ Object

Enables authorization in controller

trustee accepts :off or a hash of callback options such as :except and :only

trustee automatically calls the class methods: set_user, load_resource and access_control

trustee will raise an Trust::AccessDenied exception if the user is not permitted the action

Examples

# enable permission check for all restful actions
class AccountsController < ApplicationController
login_required
trustee
end

# disable all permission check
class PasswordController < ApplicationController
# assuming login_required and trustee has been in your application controller
trustee :off
end

# enable permission check and loading for only :new and :create action
class AccountsController < ApplicationController
login_required
trustee :only => [:new, :create]
end

Caching Trust::AccessDenied exception

Normally an exception handler is included in the ApplicationController. Example:

class ApplicationController < ActionController::Base
rescue_from Trust::AccessDenied do |exception|
  redirect_to root_url, :alert => exception.message
end
end

# File 'lib/trust/controller.rb', line 87

def trustee(*args)
  module_eval do
    include TrustInstanceMethods
    set_user *args
    load_resource *args
    access_control *args
    helper_method :can?, :resource
  end
end