Project

guachiman

0.01
Repository is archived
No commit activity in last 3 years
No release in over 3 years
Minimal authorization library
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 1.10.6, ~> 1.10
>= 5.8.0, ~> 5.8
>= 10.4.2, ~> 10.4
 Project Readme

guachiman

Minimal authorization library inspired by RailsCast #385 Authorization from Scratch by Ryan Bates.

Guachiman allows you to store authorization rules as a tree of permissions nested within groups. Permissions can be either true or a block that takes an object. In that case the permission will be the result of the block evaluation.

Codeship Status for goddamnhippie/guachiman

Installation

Add this line to your application's Gemfile:

gem 'guachiman'

And then execute:

$ bundle

Or install it directly:

$ gem install guachiman

Usage

Describe your authorization objects in this way:

class Authorization
  include Guachiman

  def initialize(user = nil)
    allow :sessions, :new, :create

    allow :users, :show, :edit, :update do |user_id|
      user && user.id == user_id
    end
  end
end

So that you can use them like this:

user  = User.find(user_id)

guest_authorization = Authorization.new
user_authorization  = Authorization.new(user)

guest_authorization.allow?(:sessions, :new)
# => true

user_authorization.allow?(:users, :show)
# => false

user_authorization.allow?(:users, :show, user.id)
# => true

#allow

This is what you use to set permissions. It takes two parameters, group and permissions, and an optional block.

#allow?

This is what you use to check permissions. It takes a group param, a permission param, and an optional object param to evaluate in the block.

License

MIT