Repository is archived
No release in over 3 years
Low commit activity in last 3 years
Provides various access control methods to models and controllers. To use with MongoDB.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Runtime

>= 7.0.0
>= 0
 Project Readme

Gatekeeper

Gatekeeper is a Rails engine for MongoDB which adds two simple functionalities:

  • Model methods to control which informations can be seen by a specific user.
  • Controller concern to handle HTML, JS and JSON responses.

Installation

Add this line to your application's Gemfile:

gem 'gatekeeper'

And then execute:

$ bundle install

Usage

Models

The first basic use is to define a model for your application and the information that can be accessed.

# app/models/book.rb
class Book

  include Mongoid::Document

  field   :name,          type: String
  field   :internal_id,   type: Integer

  allowed_info do |user|
    case user.role
    when :librarian
      [ :name, :internal_id ]
    when :customer
      [ :name ]
    end
  end

end
# app/models/user.rb
class User

  include Mongoid::Document

  field   :name,          type: String
  field   :role,          type: Symbol

end

When accessing the model info:

book = Book.new(name: 'Lord of the Rings', internal_id: 1234567)
librarian = User.new(name: 'Tony', role: :librarian)
customer = User.new(name: 'Bob', role: :customer)

book.info               # { :name => "Lord of the Rings", :internal_id => 1234567 }
book.info(librarian)    # { :name => "Lord of the Rings", :internal_id => 1234567 }
book.info(customer)     # { :name => "Lord of the Rings" }

Controllers

On controllers, you can include Gatekeeper::Responder to generate automatic responses for your HTML, JS, or JSON views. These responses contains information based on the allowed_info method specified in your models.

License

The gem is available as open source under the terms of the MIT License.