Class: Protege::AccessRulesController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- Protege::AccessRulesController
- Includes:
- PersonaScoped
- Defined in:
- app/controllers/protege/access_rules_controller.rb
Overview
Manages a persona's runtime inbound access rules — the dashboard-editable, narrowing layer of the
access guardrail (see AccessRule and AccessControl). Nested under personas via the
PersonaScoped concern, which loads @persona from params[:persona_id] before every action; each
action renders back to the persona's page.
Instance Method Summary collapse
-
#create ⇒ void
Add an access rule to the persona.
-
#destroy ⇒ void
Remove an access rule from the persona.
Instance Method Details
#create ⇒ void
This method returns an undefined value.
Add an access rule to the persona. Serves POST /personas/:persona_id/access_rules.
Turbo requests update the rules table in place (append the row + reset the form on success, or re-render the form with errors); non-Turbo requests redirect back with the result in the flash.
19 20 21 22 23 24 25 26 27 |
# File 'app/controllers/protege/access_rules_controller.rb', line 19 def create @access_rule = @persona.access_rules.build(access_rule_params) saved = @access_rule.save respond_to do |format| format.turbo_stream { render :create, status: saved ? :ok : :unprocessable_entity } format.html { redirect_to persona_path(@persona), **create_flash(saved) } end end |
#destroy ⇒ void
This method returns an undefined value.
Remove an access rule from the persona. Serves
DELETE /personas/:persona_id/access_rules/:id.
Turbo requests remove the row in place; non-Turbo requests redirect back to the persona.
35 36 37 38 39 40 41 42 |
# File 'app/controllers/protege/access_rules_controller.rb', line 35 def destroy @access_rule.destroy respond_to do |format| format.turbo_stream { render turbo_stream: turbo_stream.remove(@access_rule) } format.html { redirect_to persona_path(@persona), notice: 'Access rule removed.' } end end |