@@ -11,6 +11,7 @@ This fork's variances from the core repository: - script/generate active_scaffold user - :config block additions ActiveScaffold.set_defaults do |config| + config.security.allowed_actions << :verify # Add your own actions to security config.left_handed = true config.upper_case_form_fields = true config.secure_download_key = "DOWNLoadMyFileplease" README @@ -23,6 +23,11 @@ module ActiveRecordPermissions def self.default_permission; @@default_permission; end @@default_permission = true + # Actions allowed. If you create a customized action add it to this list. + def self.allowed_actions=(v); @@allowed_actions = v; end + def self.allowed_actions; @@allowed_actions; end + @@allowed_actions = [:create, :read, :update, :destroy, :print] + # This is a module aimed at making the current_user available to ActiveRecord models for permissions. module ModelUserAccess module Controller @@ -72,7 +77,7 @@ module ActiveRecordPermissions # options[:action] should be a CRUD verb (:create, :read, :update, :destroy, :print) # options[:column] should be the name of a model attribute def authorized_for?(options = {}) - raise ArgumentError, "unknown action #{options[:action]}" if options[:action] and ![:create, :read, :update, :destroy, :print].include?(options[:action]) + raise ArgumentError, "unknown action #{options[:action]}" if options[:action] and !ActiveRecordPermissions.allowed_actions.include?(options[:action]) # column_authorized_for_action? has priority over other methods, # you can disable an action and enable that action for a column lib/active_record_permissions.rb 382839665b6f41b02d6ab9e1d26d587bffe4bf90 Edwin Moss edwin.moss@gmail.com http://github.com/edwinmoss/active_scaffold/commit/076ce01992eb1f187538db51630b5d3c62ce280a 076ce01992eb1f187538db51630b5d3c62ce280a 2009-06-27T14:04:38-07:00 2009-06-27T14:04:38-07:00 Added ActiveRecordPermissions.allowed_actions. a252d3be9a97607e1f9478f9d362c5d1b547d45a Edwin Moss edwin.moss@gmail.com