-
Notifications
You must be signed in to change notification settings - Fork 330
API: Action Link
Action Links are used to tie pieces of ActiveScaffold together, and can be used to integrate your own functionality. They can be attached and configured in a variety of places. Native actions like Create, Update, and Delete have configurable links within their own config sections (e.g. config.create.link
), and column objects may themselves have an action link (e.g. config.columns[:username].link
). The main config.action_links
collection is meant for your custom links.
The :action value of the URL
The confirmation message for the link, if any.
Lets you specify a different controller for the action link. In version 1.0 you had to sneak this in through the :parameters
option.
Specifies that the (eventual) CRUD action initiated by this link will be one of the core CRUD types. This is used to check authorization and disable the link.
Values: :create, :read, :update, :destroy
crud_type is useful (at least in version 2.3) when used in conjunction with security method. This is because the authorization call is determined by crud_type. When setting a unique crud_type when defining the action_link, you can gain fine grained control over whether or not a link appears if you create an associated security method. This is very important when using action_links to wire your own functionality.
To understand more about how :crud_type interacts with :security_method, see how they are tied together in vendor/plugins/active_scaffold/frontends/default/views/_list_actions.html.erb
Set to a class instance implementing the dhtml confirmation. It must be a subclass of DHTMLConfirm class, overriding onclick_handler method with javascript code which triggers the DHTML confirmation logic.
config.delete.link.dhtml_confirm = ModalboxConfirm.new
Html attributes to render this action link
When true, the link will open with an AJAX call, using the :position
option.
Values: true, false
The visible text for the link.
Specifies a method for RESTful links. Default is :get
.
Values: :get, :post, :put, :delete
When true, the link will open with standard HTML behavior.
Values: true, false
Miscellaneous parameters for the URL. In version 1.0, if you want to link to another controller you need to specify a :controller parameter here.
When true, the link will open in a new window. Currently there is no configuration option to set the size of the new window.
Values: true, false
For inline links, determines where the result goes. When set to false, then ActiveScaffold will not try to automatically place the result (good for RJS responses).
Values:
- for
:type => :collection
: :top, false. - for
:type => :member
: :replace, :after, :before, and false.
Specifies a method on the controller that determines whether to show this link or not. Note that this does NOT prevent someone from URL hacking.
Values: a symbol naming the method (e.g. :logged_in?
)
Determines whether the link appears on each record, or just once for the entire scaffold.
Values: :collection, :member
Before v2.3, values: :table, :record
config.show.link = false #This removes the show link from the list view, but still allows the show function to be used.
config.update.link.inline = false #This sets the update link to open in its own page.
Create an authorized_for_#{action}?
(e.g. authorized_for_destroy?) in your model and return false for disabling the action link based on your conditions. You can create two methods for column level security checks for every CRUD action, such as #{column}_authorized_for?
or #{column}_authorized_for_#{action}?
.
class MyModel < ActiveRecord::Base
def authorized_for_delete?
false
end
def authorized_for_update?
false
end
end
You can override the authorized_for? method in your model and return false for disabling action_links based on your conditions, but then you can’t use #{column}_authorized_for?
, authorized_for_#{action}?
or #{column}_authorized_for_#{action}?
. For action_links do something like this:
class MyModel < ActiveRecord::Base
def authorized_for?(*args)
not [:destroy, :update].include?(args[0][:action])
end
end