class Clearance::Constraints::SignedIn

Can be applied to make a set of routes visible only to users that are signed in.

# config/routes.rb
constraints Clearance::Constraints::SignedIn.new do
  resources :posts
end

In the example above, requests to ‘/posts` from users that are not signed in will result in a 404. You can make additional assertions about the user by passing a block. For instance, if you want to require that the signed-in user be an admin:

# config/routes.rb
constraints Clearance::Constraints::SignedIn.new { |user| user.admin? } do
  resources :posts
end

Public Class Methods

new(&block) click to toggle source
# File lib/clearance/constraints/signed_in.rb, line 21
def initialize(&block)
  @block = block || lambda { |user| true }
end

Public Instance Methods

matches?(request) click to toggle source
# File lib/clearance/constraints/signed_in.rb, line 25
def matches?(request)
  @request = request
  signed_in? && current_user_fulfills_additional_requirements?
end

Private Instance Methods

clearance_session() click to toggle source

@api private

# File lib/clearance/constraints/signed_in.rb, line 33
def clearance_session
  @request.env[:clearance]
end
current_user() click to toggle source

@api private

# File lib/clearance/constraints/signed_in.rb, line 38
def current_user
  clearance_session.current_user
end
current_user_fulfills_additional_requirements?() click to toggle source

@api private

# File lib/clearance/constraints/signed_in.rb, line 43
def current_user_fulfills_additional_requirements?
  @block.call current_user
end
signed_in?() click to toggle source

@api private

# File lib/clearance/constraints/signed_in.rb, line 48
def signed_in?
  clearance_session.present? && clearance_session.signed_in?
end