lib/trust/controller.rb in trust-0.8.1 vs lib/trust/controller.rb in trust-0.8.2
- old
+ new
@@ -52,10 +52,11 @@
# Enables authorization in controller
#
# +trustee+ accepts +:off+ or a hash of +callback+ options such as +:except+ and +:only+
#
# +trustee+ automatically calls the class methods: +set_user+, +load_resource+ and +access_control+
+ # +trustee+ accepts +:off+ for +set_user+, +load_resource+ and +access_control+ individually
#
# +trustee+ will raise an Trust::AccessDenied exception if the user is not permitted the action
#
# ==== Examples
#
@@ -75,10 +76,17 @@
# class AccountsController < ApplicationController
# login_required
# trustee :only => [:new, :create]
# end
#
+ # # enable permission check for all restful actions, but without loading resources
+ # class AccountsController < ApplicationController
+ # login_required
+ # trustee :load_resource => :off
+ # model :objects
+ # end
+ #
# ==== Caching Trust::AccessDenied exception
# Normally an exception handler is included in the ApplicationController. Example:
# class ApplicationController < ActionController::Base
# rescue_from Trust::AccessDenied do |exception|
# redirect_to root_url, :alert => exception.message
@@ -129,10 +137,10 @@
private
def _filter_setting(method, *args)
options = args.extract_options!
skip_before_filter method
- unless args.include? :off
+ unless args.include? :off or options[method] == :off
before_filter method, options
end
end
end