Project

annotation_security

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
annotation_securitynikku/annotation_securityHomepageDocumentationSource CodeBug Tracker
AnnotationSecurity provides a role based security model with automated rule evaluation for Ruby on Rails. It allows you to define user-resource-relations and rights in separate files, keeping your controllers and views free from any security logic. See the gem's homepage for an example.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
15,127
Stars
3
Forks
0
Watchers
5
 Releases
Current version
1.3.1
Total releases
3
First release
2010-03-12
Latest release
2013-03-23
 Development
Primary Language
Ruby
Average date of last 50 commits
2012-01-28
Reverse Dependencies
0

 Dependencies

Development

mocha
>= 0.9.8
rspec
>= 1.2.0

Runtime

action_annotation
>= 1.0.1
activesupport
>= 2.3.5
 Project Readme

Resource Based security for Rails applications

This plugin provides a thin security layer for rails applications. It performs access checks based on a behavioural description of controller actions. Security rules are defined on a resource model which is cleanly separated from your models and controllers.

Installation steps

The security layer is a gem and may be installed using gem install annotation_security.

After installing the gem, run annotation_security --rails RAILS_HOME to integrate the security layer in your rails app. Along with the annotation_security plugin this will add

  • the AnnotationSecurity::Helper in the app/helpers folder of your rails-app. It provides some useful methods to create links and query the security layer from views.
  • example configuration files to setup the security layer under config/security
  • an initializer for the security layer under config/initializer

Where to start

Check out the basic introduction on how to secure your application. In order to get a detailed idea about how things work, have a deeper look inside AnnotationSecurity::ActionController (how to secure your application), AnnotationSecurity::RightLoader (how to setup rights) and AnnotationSecurity::RelationLoader (how to setup relations).

Have a look at the view methods provided by the AnnotationSecurity::Helper as well and at the SecurityContext which is the main entry-point for security related functionality in the layer.

License

Copyright Nico Rehwaldt, Arian Treffer 2009, 2010, 2013

You may use, copy and redistribute this library under the same terms as Ruby itself or under the MIT license.