Project

active_permission

0.0
No commit activity in last 3 years
No release in over 3 years
active_permissionjpascal/active_permissionHomepageDocumentationSource CodeBug TrackerWiki
This gem allow you load and authorize resource in Ruby on Rails inside controllers or views using rules with described permissions of user.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
15,605
Stars
0
Forks
0
Watchers
3
 Releases
Current version
0.2.3
Total releases
5
First release
2015-01-28
Latest release
2018-01-01
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2015-04-07
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.7
rake
~> 10.0
rspec
>= 0

Runtime

activesupport
>= 0
 Project Readme

ActivePermission

Gem Version

This gem allow you load and authorize resource in Ruby on Rails inside controllers or views using rules with described permissions of user.

Installation

Add this line to your application's Gemfile:

gem 'active_permission'

And then execute:

$ bundle

Or install it yourself as:

$ gem install active_permission

Usage

Define Abilities

Add a new class in app/models/permissions.rb with the following contents:

class Permissions < ActivePermission::Base
  def initialize(user = nil)
    can 'books', 'index'
    can 'books, 'show' do |catalog, book|
      catalog.published? and book.published?
    end
    can 'books, ['edit','update','destroy'] do |book|
      book.author == user
    end
  end
end

Load Resource and authorization examples

class ApplicationController < ActionController::Base
  include ActivePermission::ControllerAdditions
private
  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  def current_permissions
    @permission ||= Permission.new(current_user)
  end
end

class BooksController < ApplicationController
  resource :book, object: 'Book'
end

class BooksController < ApplicationController
  resource :book do
    Book.find(params[:id])
  end
end

class BooksController < ApplicationController
  resource :catalog, object: 'Catalog', key: :catalog_id, parent: true
  resource :book, through: :catalog, association: :books
  authorize :catalog, :book, only: :show
  authorize :book, only: [ :edit, :update, :destroy ]
end

class BooksController < ApplicationController
  resource :book, object: 'Book', only: [ :show, :destroy ]
  def show
    @book = Book.find(params[:id])
    authorize! @book
  end
  def destroy
    @book = Book.find(params[:id])
    if authorize @book, :destroy
      @book.destroy
    else
      flash[:warning] = 'Can't delete book'
    end
  end
end

Check Abilities

<% if can? 'books', 'show', @book %>
  <%= render 'book', book: @book %>
<% end %>

<% if can? 'books', ['edit', 'update'], @book %>
  <%= render 'links', book: @book %>
<% end %>

Rescue from ActivePermission::AccessDenied

  rescue_from ActivePermission::AccessDenied do |error|
    if @current_user
      logger.warn "#{@current_user.class}(#{@current_user.id}): #{error}"
      flash[:warning] = t('Access denied')
      redirect_to root_path
    else
      logger.warn "Anonymous: #{error}"
      flash[:warning] = t('Must be signin')
      redirect_to signin_path
    end
  end

  rescue_from ActivePermission::AccessDenied do |error|
    logger.warn "Controller: #{error.controller} Action: #{error.action} Object: #{error.resources}"
    flash[:warning] = t('Access denied')
    redirect_to root_path
  end

  rescue_from ActivePermission::AccessDenied do |error|
    logger.warn error.to_s
    flash[:warning] = t('Access denied')
    redirect_to root_path
  end

Contributing

  1. Fork it ( https://github.com/jpascal/active_permission/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request