module ActionAccess::ControllerAdditions::ClassMethods

Public Instance Methods

access_locked?() click to toggle source

Is this controller locked?

# File lib/action_access/controller_additions.rb, line 11
def access_locked?
  filters = _process_action_callbacks.collect(&:filter)
  :validate_access!.in? filters
end
let(*clearance_levels, permissions) click to toggle source

Set an access rule for the current controller. It will automatically lock the controller if it wasn't already.

Parameters

clearance_levels

single clearance level (string or symbol) or list

of them (list of parameters or array), either singular or plural.
Accepts the special keyword +:all+ (every clearance level, even none).
permissions

controller action (string or symbol) or list of them (array).

Accepts the special keyword +:all+ (every action in the controller).

Example:

class ArticlesControler < ApplicationController
  let :admins, :all                           # admins can do anything
  let :editors, :reviewers, [:edit, :update]  # editors and reviewers can edit articles
  let :all, [:index, :show]                   # anyone can view articles

  # ...
end
# File lib/action_access/controller_additions.rb, line 40
def let(*clearance_levels, permissions)
  lock_access unless access_locked?
  keeper = ActionAccess::Keeper.instance
  clearance_levels = Array(clearance_levels).flatten
  clearance_levels.each { |c| keeper.let c, permissions, self }
end
lock_access(options = {}) click to toggle source

Lock actions by default, they won't be accessible unless authorized. It takes the same options as filter callbacks.

# File lib/action_access/controller_additions.rb, line 6
def lock_access(options = {})
  before_action :validate_access!, options
end