README.md in trust-0.7.0 vs README.md in trust-0.8.0
- old
+ new
@@ -21,20 +21,20 @@
### What is not supported in Trust
* Loading datasets for the index action. You may use other plugins / gems for doing this, or you may implement your own mechanism.
-### Currently not supported, but may be in the future
-
-* cannot and cannot? expressions.
-
# Install and Setup
Install the gem
gem install trust
+
+Or, in your Gemfile
+ gem 'trust'
+
### Define permissions
Create the permissions file in your model directory. Example
``` Ruby
@@ -148,25 +148,28 @@
```
#### You can also designate actors in your model so you can test if other people has access to do operations on a subject
Include the Actor role in the class
+
``` Ruby
class Auditor
include Trust::Actor
...
end
```
Now you can test if the auditor has permission to modify customer for client. Three ways of writing it
+
``` Ruby
@auditor.can? :update, @customer, @client
@auditor.can? :update, @customer, :for => @client
@auditor.can? :update, @customer, :parent => @client
```
The above is the same as
+
``` Ruby
@customer.permits? :update, @client, :by => @auditor
```
## Instance variables
@@ -227,28 +230,31 @@
trustee :off # turns off all callbacks
end
```
#### Alternatives
+
``` Ruby
class MyController < ApplicationController
set_user :off # turns off set_user callback
load_resource :off # do not load resources
access_control :off # turn access control off
end
```
#### More specifically
+
For all call backs and ```trustee``` you can use ```:only``` and ```:except``` options.
Example toggle create action off
``` Ruby
class MyController < ApplicationController
load_resource :except => :create
access_control :except => :create
end
```
#### Yet another alternative, avoiding resource loading
+
Avoid resource loading on ```show``` action
``` Ruby
class MyController < ApplicationController
actions :except => :show
end