Module: Challah::Controller::InstanceMethods

Defined in:
lib/challah/controller.rb

Instance Method Summary (collapse)

Instance Method Details

- (Object) access_denied! (protected)

Stop execution of the current action and display the access denied message.

If the user is not logged in, they are redirected to the login screen.

By default the built-in access denied message is displayed, but you can display a different message by setting the following option in an initializer:

Challah.options[:access_denied_view] = 'controller/denied-view-name'

A status code of :unauthorized (401) will be returned.

Override this method if you'd like something different to happen when your users get an access denied notification.



89
90
91
92
93
94
95
96
 
# File 'lib/challah/controller.rb', line 89

def access_denied!
  if current_user?
    render :template => Challah.options[:access_denied_view], :status => :unauthorized and return
  else
    session[:return_to] = request.url
    redirect_to  and return
  end          
end

- (User?) current_user (protected)

Note:

This method is also available as a helper in your views.

The user that is currently logged into this session. If there is no user logged in, nil will be returned.

Returns:

  • (User, nil)

    The current authenticated user.



117
118
119
 
# File 'lib/challah/controller.rb', line 117

def current_user
  @current_user ||= current_user_session.user
end

- (Boolean) current_user? (protected) Also known as: logged_in?

Note:

This method is also available as a helper in your views.

Is there currently a logged in user? Returns true if it is safe to use the current_user method.

Returns:

  • (Boolean)

    Is there a user logged in?

See Also:



106
107
108
 
# File 'lib/challah/controller.rb', line 106

def current_user?
  !!current_user
end

- (Session) current_user_session (protected)

The current authentication session, if one exists. A Session object will be returned regardless of its valid status. If an invalid session is returned, the user attribute will be nil.

Returns:

  • (Session)

    The current browser session.



126
127
128
 
# File 'lib/challah/controller.rb', line 126

def current_user_session
  @current_user_session ||= Challah::Session.find(request, params)
end

- (Object) has(permission_key) (protected) Also known as: permission?

Note:

This method is also available as a helper in your views.

Checks the current user to see if they have the given permission key. If there is not a user currently logged in, false is always returned.

Examples:

class SecureController < ApplicationController
  def index
    # Redirect anyone that doesn't have :see_secure_stuff permission.
    unless has(:see_secure_stuff)
      redirect_to root_path and return
    end
  end
end

See Also:



146
147
148
 
# File 'lib/challah/controller.rb', line 146

def has(permission_key)
  current_user and current_user.has(permission_key)
end

- (Object) login_required (protected)

Restrict a controller to only authenticated users. If someone tries to access a restricted action and is not logged in, they will be redirected to the login page.

This method is an alias for:

restrict_to_authenticated

Examples:

class YourController < ApplicationController
  before_filter :login_required

  # ...
end

Specifing certain actions.

class YourOtherController < ApplicationController
  before_filter :login_required, :only => [ :create, :update, :destroy ]

  # ...
end

See Also:



174
175
176
177
178
179
 
# File 'lib/challah/controller.rb', line 174

def 
  unless logged_in?
    session[:return_to] = request.url
    redirect_to  and return
  end
end