Contents

# CanField

[CanCan](https://github.com/ryanb/cancan) provides only model-level permissions. This gem adds field-based permissions to CanCan using [strong_parameters gem](https://github.com/rails/strong_parameters).

**Warning!** Currently gem doesn't support any nested logic!

## Installation

Add this line to your application's Gemfile:

    gem 'can_field'

And then execute:

    $ bundle

Or install it yourself as:

    $ gem install can_field

## Usage

### ability.rb

Now you have new method for you ability.rb file.

```ruby
canf(actions, target, fields)

# example usage

canf :update, Book, [:title, :desription]
canf [:create, :update], Shelf, [:position]
```

This method invoke standart `can` method with give `actions` and `targer` and generate some additional rules for restrict field access (`:_cf_action_fl_field` as example).

### In controller

There is a contrller class method that provides integration with `load_and_authorize_resource`. Just add `permit_can_field_constraints` right after `load_and_authorize_resource` call. Like this:

```ruby
class BooksController < ApplicationController
  load_and_authorize_resource
  permit_can_field_constraints
  
  ...

end
```

### Helpers

In controller and views you can use helpers `canf?` and `allowed_fields_for`:

```ruby
allowed_fields_for(action, subject) # return list of available fields or [:all] if no restrictions
allowed_fields_for :create, Book # as example

canf?(action, subject, field) # like can? but look for field restrictions
canf? :update, Book, :title # as example 
```

## Contributing

1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create new Pull Request

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
can_field-0.0.1	README.md