Minimal authorization library inspired by RailsCast #385 Authorization from Scratch by Ryan Bates.
Guachiman allows you to store authorization rules as a tree of permissions nested within groups.
Permissions can be either
true or a block that takes an object. In that case the permission will
be the result of the block evaluation.
Add this line to your application's
And then execute:
Or install it directly:
$ gem install guachiman
Describe your authorization objects in this way:
class Authorization include Guachiman def initialize(user = nil) allow :sessions, :new, :create allow :users, :show, :edit, :update do |user_id| user && user.id == user_id end end end
So that you can use them like this:
user = User.find(user_id) guest_authorization = Authorization.new user_authorization = Authorization.new(user) guest_authorization.allow?(:sessions, :new) # => true user_authorization.allow?(:users, :show) # => false user_authorization.allow?(:users, :show, user.id) # => true
This is what you use to set permissions. It takes two parameters,
permissions, and an optional block.
This is what you use to check permissions. It takes a
group param, a
permission param, and an optional
param to evaluate in the block.