module ActionAccess::ControllerAdditions::ClassMethods
Public Instance Methods
access_locked?()
click to toggle source
Is this controller locked?
# File lib/action_access/controller_additions.rb, line 11 def access_locked? filters = _process_action_callbacks.collect(&:filter) :validate_access!.in? filters end
let(*clearance_levels, permissions)
click to toggle source
Set an access rule for the current controller. It will automatically lock the controller if it wasn't already.
Parameters¶ ↑
clearance_levels
-
single clearance level (string or symbol) or list
of them (list of parameters or array), either singular or plural. Accepts the special keyword +:all+ (every clearance level, even none).
permissions
-
controller action (string or symbol) or list of them (array).
Accepts the special keyword +:all+ (every action in the controller).
Example:¶ ↑
class ArticlesControler < ApplicationController let :admins, :all # admins can do anything let :editors, :reviewers, [:edit, :update] # editors and reviewers can edit articles let :all, [:index, :show] # anyone can view articles # ... end
# File lib/action_access/controller_additions.rb, line 40 def let(*clearance_levels, permissions) lock_access unless access_locked? keeper = ActionAccess::Keeper.instance clearance_levels = Array(clearance_levels).flatten clearance_levels.each { |c| keeper.let c, permissions, self } end
lock_access(options = {})
click to toggle source
Lock actions by default, they won't be accessible unless authorized. It takes the same options as filter callbacks.
# File lib/action_access/controller_additions.rb, line 6 def lock_access(options = {}) before_action :validate_access!, options end