wgibbs / zuul
Branch: master
tree a101ee545efaa2a170ba3376a8af5202ea7ef0a5
parent 2619fcc2eed3334f88c3d7d96ddf81567bfa7900
Files:
- .document
- .gitignore
- LICENSE
- README.rdoc
- Rakefile
- VERSION
- lib/
- spec/
- zuul.gemspec
Zuul
Zuul provides a simple role-based authorization framework for Rails apps.
sudo gem install zuul --source http://gemcutter.org
Quick Start
Zuul expects that your controllers have a current_user method available (it returns nil when nobody is signed in).
Add a role to your users table.
add_column :users, :role, :string
In your User model, specify the valid roles.
valid_roles :guest, :member, :admin
In your ApplicationController, enable access restrictions.
include Zuul::RestrictAccess
restrict_access
In your controllers, specify which roles are allowed for which actions.
require_user :guest, :admin, :only => [:index, :show]
Examples and Options
You can pass restrict_access the following options:
- access_denied_message - The string that will be added to the flash[:notice] if the user has been denied access to an action. Defaults to "You must be logged in to access this page".
- require_no_user_message - The string that will be added to the flash[:notice] if the requested action requires there be NO user signed in and there is one. Defaults to "You must be logged out to access this page".
- unauthorized_redirect_path - The name of a method, as a symbol, that will be called to determine where to redirect someone when they have been denied access. The method is expected to return a string. The default is :unauthorized_path which returns "/".
You can pass require_user a list of roles and also indicate which actions to apply the restriction to using :only and :except (either takes a single action or an array of actions). Some examples:
- Restrict access to all actions for a specific role.
require_user :admin
- Restrict access to specific actions for specific roles.
require_user :guest, :admin, :only => [:index, :show]
- Require a user but don't care about the role.
require_user :only => :show
- Don't allow access to edit or update if there is a user.
require_no_user :only => [:edit, :update]
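The Quick Start steps and the require_user / require_no_user examples above, modelled as a stand-alone Ruby script so the authorization rules can be exercised without Rails. This is an added example, not zuul's own code: the RoleGate class, its check method, the User struct, the posts_gate helper and the LoginRedirectGate subclass are all assumptions that mimic the behaviour the README describes (roles validated against valid_roles, :only/:except filtering, the flash message and redirect target produced on denial, a custom unauthorized_redirect_path method). It also shows the failure modes a practitioner cares about: a request with no current_user, a signed-in user with the wrong role, and a typo in a role name, which is rejected at declaration time rather than silently denying everyone.

```ruby
# Added example: a stand-alone model of the README's access rules.
# NOT zuul's code; RoleGate, User, posts_gate and LoginRedirectGate are
# illustrative names assumed for this example.

User = Struct.new(:role)   # stands in for the Rails User model with its :role column

class RoleGate
  # The restrict_access options from the README, with the README's defaults.
  DEFAULTS = {
    access_denied_message:      "You must be logged in to access this page",
    require_no_user_message:    "You must be logged out to access this page",
    unauthorized_redirect_path: :unauthorized_path
  }.freeze

  attr_reader :options, :rules

  # valid_roles plays the part of `valid_roles :guest, :member, :admin` on the model.
  def initialize(valid_roles, options = {})
    @valid_roles = valid_roles
    @options = DEFAULTS.merge(options)
    @rules = []   # evaluated in declaration order, like stacked before_filters
  end

  # require_user :guest, :admin, :only => [:index, :show]
  # With no roles given, any signed-in user is accepted.
  def require_user(*roles)
    opts = roles.last.is_a?(Hash) ? roles.pop : {}
    unknown = roles - @valid_roles
    raise ArgumentError, "unknown roles: #{unknown.inspect}" unless unknown.empty?
    @rules << { kind: :user, roles: roles, only: opts[:only], except: opts[:except] }
  end

  # require_no_user :only => [:edit, :update]
  def require_no_user(opts = {})
    @rules << { kind: :no_user, only: opts[:only], except: opts[:except] }
  end

  # Returns nil when the action is allowed; otherwise a hash holding the
  # flash message and the path the user would be redirected to.
  def check(action, current_user)
    @rules.each do |rule|
      next unless applies?(rule, action)
      case rule[:kind]
      when :user
        no_user    = current_user.nil?
        wrong_role = !rule[:roles].empty? && !rule[:roles].include?(current_user&.role)
        return deny(:access_denied_message) if no_user || wrong_role
      when :no_user
        return deny(:require_no_user_message) unless current_user.nil?
      end
    end
    nil
  end

  # Default redirect target named in the README.
  def unauthorized_path
    "/"
  end

  private

  # :only and :except accept a single action or an array of actions.
  def applies?(rule, action)
    return false if rule[:only] && !Array(rule[:only]).include?(action)
    return false if rule[:except] && Array(rule[:except]).include?(action)
    true
  end

  def deny(message_key)
    { message:  @options[message_key],
      redirect: send(@options[:unauthorized_redirect_path]) }
  end
end

# A gate configured the way a PostsController would be under the README's examples.
def posts_gate
  gate = RoleGate.new([:guest, :member, :admin])
  gate.require_user :guest, :admin, :only => [:index, :show]
  gate.require_user :only => :show                  # any signed-in user
  gate.require_no_user :only => [:edit, :update]    # must be signed out
  gate
end

# Demonstrates unauthorized_redirect_path pointing at a controller method.
class LoginRedirectGate < RoleGate
  def login_path
    "/login"
  end
end

def login_redirect_gate
  gate = LoginRedirectGate.new([:admin], unauthorized_redirect_path: :login_path)
  gate.require_user :admin
  gate
end
```

Running `posts_gate.check(:index, nil)` yields the logged-in message and a redirect to "/", while `posts_gate.check(:index, User.new(:admin))` yields nil; an action no rule covers (for example :create) is allowed to everyone, which is worth remembering when adding new actions to a restricted controller.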
Credits
Thanks to Les Hill for help testing the ApplicationController mixins.
Note on Patches/Pull Requests
- Fork the project.
- Make your feature addition or bug fix.
- Add tests for it. This is important so I don't break it in a future version unintentionally.
- Commit, but do not mess with the Rakefile, version, or history. (If you want to have your own version, that is fine, but bump the version in a commit by itself so I can ignore it when I pull.)
- Send me a pull request. Bonus points for topic branches.
Copyright
Copyright © 2009 Wes Gibbs. See LICENSE for details.

