Class: RubyCms::Admin::BaseController

Inherits:

Object

• Object
• RubyCms::Admin::BaseController

Defined in:

app/controllers/ruby_cms/admin/base_controller.rb

Overview

Base for all /admin controllers. Ensures authentication and permission enforcement. Inherits from the host’s ApplicationController (or config.admin_base_controller). This layout must not be used for public pages.

Direct Known Subclasses

AnalyticsController, CommandsController, ContentBlockVersionsController, ContentBlocksController, DashboardController, LocaleController, PermissionsController, SettingsController, UserPermissionsController, UsersController, VisitorErrorsController, VisualEditorController

Class Method Summary

• .cms_page(key) ⇒ Object

  Declare which registered page this controller serves.

Instance Method Summary

• #current_user_cms ⇒ Object

  Public API: dashboard block +data procs and host code may call this on the controller instance.

Class Method Details

.cms_page(key) ⇒ Object

Declare which registered page this controller serves. Looks up the permission from the nav_registry entry and sets a before_action. Usage: cms_page :backups (requires a matching register_page call with key: :backups)

# File 'app/controllers/ruby_cms/admin/base_controller.rb', line 26

def self.cms_page(key)
  page_key = key.to_sym
  before_action do
    entry = RubyCms.nav_registry.find {|e| e[:key] == page_key }
    if entry.nil?
      if defined?(Rails.logger)
        Rails.logger.warn("[RubyCMS] cms_page :#{page_key} has no matching register_page entry. " \
                          "Only manage_admin is enforced.")
      end
    elsif entry[:permission].present?
      require_permission!(entry[:permission].to_sym)
    end
  end
end

Instance Method Details

#current_user_cms ⇒ Object

Public API: dashboard block +data procs and host code may call this on the controller instance.

# File 'app/controllers/ruby_cms/admin/base_controller.rb', line 42

def current_user_cms
  @current_user_cms ||= resolve_current_user
end