Gem used for simple path-based access control.
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

Area 51

You won't find E.T. or Alf here. What you will find is a gem that tries to make the act of defining restricted and unrestricted areas of your web app a little easier.

The RDocs are available if you need them.


There are already a lot of gems out there that provide authorization capabilities, but they all (at least the ones I've seen) revolve around model classes. I had a need to authorize users for certain paths, not models. So, I did what any Rubyist would do when I couldn't find one that existed. I scratched my own itch and Area 51 was born.


class ApplicationController < ActionController::Base
  area_51 do
    authorization_trigger("", :unrestricted) do
      restricted_area "^/memers_only"
      unrestricted_area "^/$"

That's pretty much all there is to it. The methods you should be concerned with are authorization_trigger, restricted_area, and unrestricted_area.


Defines a trigger condition that when met, will cause authorization to be performed.

The trigger can be either a String, lambda, or Proc. If a String, it will be eval'd, if a lambda or Proc, it will be called, and anything else will be returned as-is. If the result does not return an explicit true, authorization will not be performed.

The default_access parameter, if provided, must be one of :restricted or :unrestricted. The default is :restricted. This specifies what type of access the undefined areas will have. For example:

authorization_trigger("", :unrestricted) do
  restricted_area "^/memers_only"
  unrestricted_area "^/$"

In this example, if a user tries to access a path that isn't defined above, they will be granted access due to the :unrestricted parameter.

restricted_area and unrestricted_area

These methods tie a path to an authorization trigger. It must be called within an authorization block:

authorization_trigger("current_user.top_secret_clearance?") do
  restricted_area %r{^/top/secret/path}
  unrestricted_area %r{^/all_eyes}

The method argument can be either a String or a Regexp. If a String, it will be converted to a Regexp.

The End