# File lib/declarative_authorization/in_controller.rb, line 462
      def filter_resource_access(options = {})
        options = {
          :new        => [:new, :create],
          :additional_new => nil,
          :member     => [:show, :edit, :update, :destroy],
          :additional_member => nil,
          :collection => [:index],
          :additional_collection => nil,
          #:new_method_for_collection => nil,  # only symbol method name
          #:new_method => nil,                 # only symbol method name
          #:load_method => nil,                # only symbol method name
          :no_attribute_check => nil,
          :context    => nil,
          :nested_in  => nil,
        }.merge(options)

        new_actions = actions_from_option( options[:new] ).merge(
            actions_from_option(options[:additional_new]) )
        members = actions_from_option(options[:member]).merge(
            actions_from_option(options[:additional_member]))
        collections = actions_from_option(options[:collection]).merge(
            actions_from_option(options[:additional_collection]))

        options[:no_attribute_check] ||= collections.keys unless options[:nested_in]

        unless options[:nested_in].blank?
          load_parent_method = "load_#{options[:nested_in].to_s.singularize}""load_#{options[:nested_in].to_s.singularize}"
          shallow_exceptions = options[:shallow] ? {:except => members.keys} : {}
          before_filter shallow_exceptions do |controller|
            if controller.respond_to?(load_parent_method)
              controller.send(load_parent_method)
            else
              controller.send(:load_parent_controller_object, options[:nested_in])
            end
          end

          new_for_collection_method = "new_#{controller_name.singularize}_for_collection""new_#{controller_name.singularize}_for_collection"
          before_filter :only => collections.keys do |controller|
            # new_for_collection
            if controller.respond_to?(new_for_collection_method)
              controller.send(new_for_collection_method)
            else
              controller.send(:new_controller_object_for_collection,
                  options[:context] || controller_name, options[:nested_in])
            end
          end
        end

        new_from_params_method = "new_#{controller_name.singularize}_from_params""new_#{controller_name.singularize}_from_params"
        before_filter :only => new_actions.keys do |controller|
          # new_from_params
          if controller.respond_to?(new_from_params_method)
            controller.send(new_from_params_method)
          else
            controller.send(:new_controller_object_from_params,
                options[:context] || controller_name, options[:nested_in])
          end
        end
        load_method = "load_#{controller_name.singularize}""load_#{controller_name.singularize}"
        before_filter :only => members.keys do |controller|
          # load controller object
          if controller.respond_to?(load_method)
            controller.send(load_method)
          else
            controller.send(:load_controller_object, options[:context] || controller_name)
          end
        end
        filter_access_to :all, :attribute_check => true, :context => options[:context]

        members.merge(new_actions).merge(collections).each do |action, privilege|
          if action != privilege or (options[:no_attribute_check] and options[:no_attribute_check].include?(action))
            filter_options = {
              :context          => options[:context],
              :attribute_check  => !options[:no_attribute_check] || !options[:no_attribute_check].include?(action)
            }
            filter_options[:require] = privilege if action != privilege
            filter_access_to(action, filter_options)
          end
        end
      end