authorization.rb
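# Lockdown access rules for the application.
#
# Each `permission` names a set of controller actions. `public_access`,
# `protected_access` and `user_group` then decide who is granted it.
# Everything listed under `public_access` is reachable without logging in,
# so additions to that list deserve the closest review.
class Authorization
  extend Lockdown::Access

  #----------------------------------------------------------------------------
  # Public
  #----------------------------------------------------------------------------

  # Access to all methods on the home controller
  permission 'home'

  # Access to all methods on the sessions controller
  permission 'sessions_management' do
    controller 'sessions'
  end

  # Make the following permissions available publicly (no login required)
  public_access 'sessions_management', 'home'

  #----------------------------------------------------------------------------
  # Protected
  #----------------------------------------------------------------------------

  # Access to all methods on the customer controller
  permission 'customer'

  # Make the following permissions available to any logged-in user.
  # (The previous comment said "publicly", which is the opposite of what the
  # "Protected" section and `protected_access` are for.)
  protected_access 'customer'

  # Access to all methods on the admin/dashboard controller
  # NOTE(review): unlike the other admin/* permissions there is no
  # `controller 'admin/dashboard'` block here -- confirm that the bare name
  # 'admin_dashboard' really resolves to the admin/dashboard controller.
  permission 'admin_dashboard'

  # Access to methods (:index, :edit, :update) on the admin/sites controller
  permission 'site_maintenance' do
    controller 'admin/sites' do
      only 'index', 'edit', 'update'
    end
  end

  # Access to all methods on the admin/profiles controller
  permission 'profiles_management' do
    controller 'admin/profiles'
  end

  # Access to all methods on the admin/user_groups controller
  permission 'user_groups_management' do
    controller 'admin/user_groups'
  end

  # Access to all methods on the admin/permissions controller
  permission 'permissions_management' do
    controller 'admin/permissions'
  end

  # Access to all methods on the admin/sites controller
  # NOTE(review): this permission is not referenced by any access list or
  # user group in this file; 'site_maintenance' (index/edit/update only) is
  # what 'site_administrators' receives. Confirm that is intentional.
  permission 'sites_management' do
    controller 'admin/sites'
  end

  # Access to all methods on the admin/site_layouts controller
  permission 'site_layouts_management' do
    controller 'admin/site_layouts'
  end

  # Access to all methods on the admin/site_pages controller
  permission 'site_pages_management' do
    controller 'admin/site_pages'
  end

  # Access to all methods on the admin/site_snippets controller
  permission 'site_snippets_management' do
    controller 'admin/site_snippets'
  end

  # Access to all methods on the admin/site_routes controller
  permission 'site_routes_management' do
    controller 'admin/site_routes'
  end

  # Access to all methods on the admin/site_assets controller
  permission 'site_assets_management' do
    controller 'admin/site_assets'
  end

  # Access to all methods on the admin/site_menus controller
  permission 'site_menus_management' do
    controller 'admin/site_menus'
  end

  # Access to all methods on the admin/site_emails controller
  # Was 'admin_site_emails' (underscore), which matched neither the comment
  # above nor the sibling admin/* entries, so the permission presumably did
  # not cover the admin/site_emails controller at all.
  permission 'site_emails_management' do
    controller 'admin/site_emails'
  end

  #----------------------------------------------------------------------------
  # User Groups
  #----------------------------------------------------------------------------

  # Permissions granted to members of the 'site_administrators' group.
  user_group 'site_administrators',
             'admin_dashboard',
             'profiles_management',
             'user_groups_management',
             'permissions_management',
             'site_maintenance',
             'site_layouts_management',
             'site_snippets_management',
             'site_pages_management',
             'site_routes_management',
             'site_assets_management',
             'site_menus_management',
             'site_emails_management'
end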
# Presumably wires Lockdown into the Rails application; it runs before any
# configuration value below is set.
Lockdown.rails_mixin

Lockdown::Configuration.tap do |config|
  # Names of the models that represent users and user groups.
  config.user_model = "User"
  config.user_group_model = "UserGroup"

  # Method used to fill the created_by/updated_by fields; it should be
  # accessible to the controller.
  config.who_did_it = :current_user_id

  # Fallback for when current_user_id returns nil.
  # NOTE(review): changes made without a logged-in user are then attributed
  # to id 1. Make sure that id belongs to a dedicated system account rather
  # than a real administrator, otherwise audit trails will be misleading.
  config.default_who_did_it = 1

  # Whether the system logs the user out when unauthorized access is attempted:
  # config.logout_on_access_violation = false

  # Where to redirect on an unauthorized access attempt.
  config.access_denied_path = "/login"

  # Where to redirect after a successful login.
  config.successful_login_path = "/"

  # Separator used in the links method. default: '|'
  # config.links_separator = '|'
end