Use CanCan to authorize your Grape endpoints.
Installation
Add this line to your application's Gemfile:
gem 'grape-cancan'
And then execute:
$ bundle
Or install it yourself as:
$ gem install grape-cancan
NOTE: The cancan gem by Ryan Bates is no longer maintained. If you're still using that gem, you should consider replacing it with cancancan.
Usage
This gem adds the current_ability, can?, cannot?, and authorize! helper methods to all Grape API endpoints. This gem expects you to have a current_user helper.
```ruby
class Users < Grape::API
  resource :users do
    get '/:id' do
      @user = User.find(params[:id])
      authorize! :read, @user
      @user
    end
  end
end
```
Authorizing All Routes
The authorize_routes! method allows you to automatically perform authorization on all routes. Just add the :authorize key to the route options and call authorize_routes!.
Authorization will be skipped on actions that don't provide the :authorize route option.
```ruby
class Users < Grape::API
  resource :users do
    authorize_routes!

    get '/', authorize: [:read, User] do
      User.all
    end
  end
end
```
Authorizing Specific Routes
For more fine-grained control, you can call authorize_route! in a before block.
```ruby
class Users < Grape::API
  resource :users do
    before do
      authorize_route! if user_signed_in?
    end

    get '/', authorize: [:read, User] do
      User.all
    end
  end
end
```
Handle Unauthorized Access
If authorization fails, a CanCan::AccessDenied exception will be raised. You should rescue it and respond appropriately. For example, you could redirect the user to the root page, or return a 403 Forbidden as in this example (error! is a convenience provided by Grape):
```ruby
class Users < Grape::API
  resource :users do
    rescue_from ::CanCan::AccessDenied do
      error!('403 Forbidden', 403)
    end

    get '/:id' do
      @user = User.find(params[:id])
      authorize! :read, @user
      @user
    end
  end
end
```
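The following added example (not code from grape-cancan itself) models what the three sections above describe without requiring Grape or CanCan: the :authorize route option is splatted into an authorize! call, a failed check raises AccessDenied (the case the rescue_from above turns into a 403), and routes that carry no :authorize key are skipped. The Ability class, the ROUTES table and the unprotected_routes audit helper are constructed stand-ins for illustration.

```ruby
# Stand-in for CanCan::AccessDenied (constructed for this example).
class AccessDenied < StandardError; end

User = Struct.new(:id, :admin)

# Minimal stand-in for a CanCan Ability: a guest has no rules, a signed-in
# user may read users, and an admin may manage (do anything to) users.
class Ability
  def initialize(user)
    @rules = []
    return if user.nil?
    can :read, User
    can :manage, User if user.admin
  end

  def can(action, subject_class)
    @rules << [action, subject_class]
  end

  def can?(action, subject)
    klass = subject.is_a?(Class) ? subject : subject.class
    @rules.any? { |a, s| (a == action || a == :manage) && klass <= s }
  end

  def authorize!(action, subject)
    return if can?(action, subject)
    raise AccessDenied, "not allowed to #{action} #{subject.inspect}"
  end
end

# Route options as Grape would hold them (constructed sample table).
ROUTES = {
  'GET /users'     => { authorize: [:read, User] },
  'DELETE /users'  => { authorize: [:destroy, User] },
  'GET /users/:id' => {}, # no :authorize key: authorize_routes! skips it
}.freeze

# What authorize_route! does for one request: look up the route's options and
# pass the [action, subject] pair straight to authorize!.
# Returns :allowed, :denied (what rescue_from would map to 403) or :skipped.
def check_route(path, current_user)
  opts = ROUTES.fetch(path)
  return :skipped unless opts.key?(:authorize)
  Ability.new(current_user).authorize!(*opts[:authorize])
  :allowed
rescue AccessDenied
  :denied
end

# Audit helper: routes that authorize_routes! would leave unchecked.
def unprotected_routes
  ROUTES.reject { |_, opts| opts.key?(:authorize) }.keys
end
```

Running unprotected_routes over a real route table is a quick way to catch endpoints that were never given an :authorize option and therefore skip authorization entirely.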
Contributing
- Fork it ( https://github.com/rzane/grape-cancan/fork )
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request