Simple authorization framework for Ruby

HAL. Minimalist authorization framework for Ruby

HAL is a class-based authorization framework for Ruby. It lets you define authorization rules on classes, which will then be applied to all instances of said classes. For example:

class User < Struct.new(:name); end
dave = User.new("Dave")

HAL.rules_for User do
  def open_the_pod_bay_doors?
    subject.name != "Dave"
  end
end

HAL.can(dave).open_the_pod_bay_doors? #=> false

When defining rules you can access a subject method, which will reference whatever object you pass to can.

You also have a more powerful version of can, called can!, which takes a block and will raise HAL::ICantLetYouDoThat if the block evaluates to false:

HAL.can!(dave) {|can| can.open_the_pod_bay_doors? } #=> raises!
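How a class-based rule lookup of this kind can behave, as an added sketch that is not HAL's source and not part of the original README. MiniAuthz and every name in it are hypothetical, and two behaviours are assumptions of the sketch rather than documented HAL behaviour: undefined rules are denied, and subclasses inherit their parent's rules.

```ruby
# Stand-in sketch of class-based authorization rules; NOT HAL's own code.
# MiniAuthz, Denied, Rules and lookup are hypothetical names.
module MiniAuthz
  class Denied < StandardError; end
  REGISTRY = {} # class => rule set registered for it

  # Base rule set: exposes the object being checked as `subject`.
  class Rules
    attr_reader :subject

    def initialize(subject)
      @subject = subject
    end

    # Fail closed: a predicate with no rule defined answers false.
    def method_missing(name, *args)
      name.to_s.end_with?("?") ? false : super
    end

    def respond_to_missing?(name, include_private = false)
      name.to_s.end_with?("?") || super
    end
  end

  # Nearest rule set registered for klass or one of its ancestors.
  def self.lookup(klass)
    klass.ancestors.map { |a| REGISTRY[a] }.compact.first || Rules
  end

  def self.rules_for(klass, &block)
    REGISTRY[klass] = Class.new(lookup(klass), &block)
  end

  def self.can(subject)
    lookup(subject.class).new(subject)
  end

  # Raises instead of returning false, so a forgotten `unless` cannot allow.
  def self.can!(subject)
    raise Denied, "denied for #{subject.inspect}" unless yield(can(subject))
    true
  end
end

User  = Struct.new(:name) # constructed sample classes
Admin = Class.new(User)
MiniAuthz.rules_for(User) do
  def open_the_pod_bay_doors?
    subject.name != "Dave"
  end
end
```

When adopting any authorization helper, write specs for the deny path and for a rule name that was never defined, since a typo in a rule name should not end up granting access.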

Finally, you can include HAL into your classes to get can and can! as helper methods.

class UsersController < ApplicationController
  include HAL

  before_filter :check_permissions, :only => [:edit, :update, :destroy]

  def check_permissions
    unless can(current_user).edit_user?(current_user)
      redirect_to users_path, :alert => "I can't let you do that, Dave"
    end
  end
end

Installing

As a RubyGem

gem install hal

For Rails 2.3, add to your config/environment.rb:

config.gem "hal", :lib => "hal/rails"

For Rails 3, add to your Gemfile:

gem "hal", :require => "hal/rails"