Very simple Roles library without any authorization enforcement supporting scope on resource object.
Let's see an example:
user.has_role?("moderator", Forum.first) => false # if user is moderator of another Forum
>= Rails 3.1 (rc1 is currently out)
In Rails 3, add this to your Gemfile and run the bundle command.
Alternatively, you can install it as a plugin.
rails plugin install git://github.com/EppO/rolify.git
First, create your Role model and migration file using this generator:
rails g rolify:role Role User
Role and User classes are the default. You can specify any Role class name you want. This is completly a new file so any name can do the job. For the User class name, you would probably use the one provided by your authentication solution. rolify just adds some class methods in an existing User class. **For now, please stick to Role and User class names, see #5 for details**
Let's migrate !
To define a global role:
user = User.find(1) user.has_role "admin"
To define a role scoped to a resource
user = User.find(2) user.has_role "moderator", Forum.first
That's it !
To check if a user has a global role:
user = User.find(1) user.has_role "admin" # sets a global role user.has_role? "admin" => true
To check if a user has a role scoped to a resource:
user = User.find(2) user.has_role "moderator", Forum.first # sets a role scoped to a resource user.has_role? "moderator", Forum.first => true user.has_role? "moderator", Forum.last => false
A global role overrides resource role request:
user = User.find(3) user.has_role "moderator" # sets a global role user.has_role? "moderator", Forum.first => true user.has_role? "moderator", Forum.last => true
Please see on the wiki for all the available commands
If you have any issue or feature request with/for rolify, please add an issue on GitHub or fork the project and send a pull request.
put syntactic sugar:
is_admin? and is_admin_of?(resource) like shortcuts
write a tutorial showing how to use rolify with CanCan and devise