Class: Protege::AccessRulesController

Inherits:
ApplicationController show all
Includes:
PersonaScoped
Defined in:
app/controllers/protege/access_rules_controller.rb

Overview

Manages a persona's runtime inbound access rules — the dashboard-editable, narrowing layer of the access guardrail (see AccessRule and AccessControl). Nested under personas via the PersonaScoped concern, which loads @persona from params[:persona_id] before every action; each action renders back to the persona's page.

Instance Method Summary collapse

Instance Method Details

#createvoid

This method returns an undefined value.

Add an access rule to the persona. Serves POST /personas/:persona_id/access_rules.

Turbo requests update the rules table in place (append the row + reset the form on success, or re-render the form with errors); non-Turbo requests redirect back with the result in the flash.



19
20
21
22
23
24
25
26
27
# File 'app/controllers/protege/access_rules_controller.rb', line 19

def create
  @access_rule = @persona.access_rules.build(access_rule_params)
  saved        = @access_rule.save

  respond_to do |format|
    format.turbo_stream { render :create, status: saved ? :ok : :unprocessable_entity }
    format.html         { redirect_to persona_path(@persona), **create_flash(saved) }
  end
end

#destroyvoid

This method returns an undefined value.

Remove an access rule from the persona. Serves DELETE /personas/:persona_id/access_rules/:id.

Turbo requests remove the row in place; non-Turbo requests redirect back to the persona.



35
36
37
38
39
40
41
42
# File 'app/controllers/protege/access_rules_controller.rb', line 35

def destroy
  @access_rule.destroy

  respond_to do |format|
    format.turbo_stream { render turbo_stream: turbo_stream.remove(@access_rule) }
    format.html         { redirect_to persona_path(@persona), notice: 'Access rule removed.' }
  end
end