RubygemsResearch

Sha256: 8072074a00ca8ca4ea42650d3a74f5081ba0e57840a0d3cb8781180629eeaa58

Contents?: true

Size: 1.91 KB

Versions: 3

Compression:

Stored size: 1.91 KB

# StrongActions

Access control for rails controller/action.

## Installation

Add this line to your application's Gemfile:

    gem 'strong_actions'

And then execute:

    $ bundle

Or install it yourself as:

    $ gem install strong_actions

## Usage


### Configuration

Suppose method "current_user" is available for controllers and views,

and user has an attribute called admin and only admin can modify resource "users",

then prepare config/acl.yml

    current_user:
      users:
        new: admin?
        create: admin?
        edit: admin?
        update: admin?
        destroy: admin?

In above case, when a non-admin user try to access new_user_path, StrongActions::ForbiddenAction is thrown.

if all actions are restricted in the same way, you can make a definition on controller level.

    current_user:
      users: admin?

controller definition can be namespaced.

    current_user:
      admin/users: admin?

if you have multiple controllers under a namespace, namespace can be used.
ending with '/' indicates that is for namespace 'admin' and not controller 'admin'.

    current_user:
      admin/: admin?


### Handling error in controller

In application_controller.rb, the error should be rescued like

    rescue_from StrongActions::ForbiddenAction do
      render :file => 'public/403.html', :layout => false, :status => :forbidden
    end

In above case, all the forbidden accesses are handled by public/403.html.

### Disabling forbidden link in view

In views, use helper method "available?" so that links for forbidden actions are not shown.

    <%= link_to 'Add User' new_user_path if available?('users', 'new') %>

## Contributing

1. Fork it ( https://github.com/[my-github-username]/strong_actions/fork )
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create a new Pull Request

Version data entries

3 entries across 3 versions & 1 rubygems

Version	Path
strong_actions-0.0.9	README.md
strong_actions-0.0.8	README.md
strong_actions-0.0.7	README.md