This project aims to assist you in setting up a complete user login and role permission system for your Rails 3 app. It targets Devise as the user/login system and cancan as the permission system and my own role systems, all integrated in a powerful, yet flexible solution.
The current version should work as is. The permission system can be integrated nicely with the roles gems (see below). Generators still need some work.
Considering renaming this project to 'cream'.
Auth-Assistant targets Devise as the Session system of choice (or Authentication/Authorization - a14n, a13n )
I have developed a flexible Generic Roles strategy system.
Roles for popular ORMs
Role Groups Document DBs such as Mongo and Riak are good for modeling a role-group hierarchical relationship. Role-Group support is planned as a future add-on for the roles strategies integration. (Any assistance appreciated!)
Note: You are most welcome to provide "plugins" for any other role frameworks. Please follow the API conventions of Roles generic.
There will be support for multiple permission systems:
Note: You are most welcome to provide "plugins" for other permission frameworks.
In general, it should now finally be pretty easy to set up a Rails 3 app, with a full Session system, Permission system linked to a Role strategy system using any ORM. Devise supports the following ORMS:
- Active Record
- Data Mapper
- Mongo Mapper
These ORMs are also supported for the Roles strategy system. The Permission system should not have any ORM dependency. There are plans to create a top-level generator which sets up your project with all these systems for a given ORM.
Installation and configuration
This gem has been designed for Rails 3 only.
gem 'auth-assistant'in your Rails 3 Gemfile
$ bundle install
Install as plugin
In the near future...
rails plugin install http://github.com/kristianmandrup/auth-assistant.git
Future plans: I have plans to have the main Auth-Assistant generator configure a role strategy of choice for the ORM of choice.
Currently only CanCan is supported as the permission system.
Role based authorization for CanCan is setup by creating 'permits' for each kind of role. A permit lets a user in a given role do certain actions.
The config generator generates a default
permits.rb file which is placed in /lib, which you can edit to suit your needs.
In Canable the permissions are by default defined in the models. I plan to tweak this behavior to enable the same or a similar central permission setup as I use for CanCan. My current branch of Canable contains generators to setup the models and user with a Canable config. More to follow when I get further here...
The following generators are currently available
- config - configure with new strategy
- views - generate partials for user action menu items
The config generator should automatically setup up your project with Devise, a Roles strategy of choice a Permission system of choice and all using an ORM of your choice!
Auth-Assistant will support these ORMs:
- Mongo Mapper
- Data Mapper
- Acive Record
NOTE: Generators need more testing. The latest generator-spec and other supporting utils I've created should make it a breeze... ;)
Just updated the config generator, which is now called 'cream'. The goal is to make it setup appropriate gems in the project and run various generators to create a full, compatible integration of all the systems (devise, cancan, permissions and roles). Testing of generators to be done ASAP.
rails g auth_assist_::config ROLE_STRATEGY [--devise] [--admin] [--orm]
- --devise : run devise configure generator
- --admin : create admin user
- --orm : orm to be used
rails g auth_assist:config admin_flag --devise --admin --orm AR
Moves 'user menu' partials views into app/views/_user_menu
rails g auth_assist::views [scope] [--haml]
- scope : The scope folder under views to copy the partials to, fx 'admin'
- --haml : Use HAML as template language
Note on Patches/Pull Requests
- Fork the project.
- Make your feature addition or bug fix.
- Add tests for it. This is important so I don't break it in a future version unintentionally.
- Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
- Send me a pull request. Bonus points for topic branches.
Copyright (c) 2010 Kristian Mandrup. See LICENSE for details.