Gatekeeper
Gatekeeper is a Rails engine for MongoDB which adds two simple functionalities:
- Model methods to control which informations can be seen by a specific user.
- Controller concern to handle HTML, JS and JSON responses.
Installation
Add this line to your application's Gemfile:
gem 'gatekeeper'
And then execute:
$ bundle install
Usage
Models
The first basic use is to define a model for your application and the information that can be accessed.
# app/models/book.rb
class Book
include Mongoid::Document
field :name, type: String
field :internal_id, type: Integer
allowed_info do |user|
case user.role
when :librarian
[ :name, :internal_id ]
when :customer
[ :name ]
end
end
end
# app/models/user.rb
class User
include Mongoid::Document
field :name, type: String
field :role, type: Symbol
end
When accessing the model info:
book = Book.new(name: 'Lord of the Rings', internal_id: 1234567)
librarian = User.new(name: 'Tony', role: :librarian)
customer = User.new(name: 'Bob', role: :customer)
book.info # { :name => "Lord of the Rings", :internal_id => 1234567 }
book.info(librarian) # { :name => "Lord of the Rings", :internal_id => 1234567 }
book.info(customer) # { :name => "Lord of the Rings" }
Controllers
On controllers, you can include Gatekeeper::Responder
to generate automatic responses for your HTML, JS, or JSON views. These responses contains information based on the allowed_info
method specified in your models.
License
The gem is available as open source under the terms of the MIT License.