Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Security-Layer for Rails-Application acts like a firewall.

tag: R0.6.0

Fetching latest commit…

Cannot retrieve the latest commit at this time

README.rdoc

Tuersteher

Security-Layer for Rails-Application acts like a firewall. It's check your URL's or Modells to have the rights for this.

Install

gem install tuersteher

Usage

Create in your Rails-Application the rules-file “config/access_rules.rb” (or copy the sample from samples-directory and modify)

Here is as small sample for “config/access_rules.rb”

# Path-Acces-Rules
grant_path '/', :get, :all
grant_path '/admin-area/', :all, :ADMIN

# Model-Acces-Rules
grant_model Product, :view, :all
grant_model Product, :update, :EDITOR do |product, current_user|
                       product.owner_id == current_user.id
                     end

Then extend your ApplicationController with:

include Tuersteher::ControllerExtensions
before_filter :check_access # methode is from Tuersteher::ControllerExtensions

Check if your authendicate-system has implemented the methods:

* current_user
* access_denied

and the cuurent_user should have a method

* has_role(*roles)

If not, just implemen it (see samples/application_controller.rb)

License

LGPL V3 (see license.txt)

Something went wrong with that request. Please try again.