This module attempts to create permissions conventions for your ActiveRecord models. It supports english-based methods that let you restrict access per-model, per-record, per-column, per-action, and per-user. All at once.
You may define instance methods in the following formats:
def #{column}_authorized_for_#{action}? def #{column}_authorized? def authorized_for_#{action}?
Your methods should allow for the following special cases:
* cron scripts * guest users (or nil current_user objects)
# File lib/active_scaffold/active_record_permissions.rb, line 17 def self.current_user_method; @@current_user_method; end
ActiveRecordPermissions needs to know what method on your ApplicationController will return the current user, if available. This defaults to the :current_user method. You may configure this in your environment.rb if you have a different setup.
# File lib/active_scaffold/active_record_permissions.rb, line 16 def self.current_user_method=(v); @@current_user_method = v; end
# File lib/active_scaffold/active_record_permissions.rb, line 23 def self.default_permission; @@default_permission; end
Whether the default permission is permissive or not If set to true, then everything’s allowed until configured otherwise
# File lib/active_scaffold/active_record_permissions.rb, line 22 def self.default_permission=(v); @@default_permission = v; end