Walruz: Simple yet Powerful Policy Composition Authorization Framework
walruz-rails is a Walruz extension that allows you to integrate easily the Walruz authorization framework with Ruby on Rails.
For more information about the functionality of walruz please check the walruz webpage (walruz.rubyforge.org)
It provides generators to setup easily your authorization policies
It provides filters for ActionController that enhances the invocations for verification of authorizations
Installation can be done in two ways, either as a gem configuring the dependency in environment.rb
or as a plugin through script/plugin install
$ script/plugin install git://github.com/noomii/walruz-rails.git
Afterwards execute the generator to enable walruz on your project:
$ script/generate walruz
This will generate the policies structure on the lib/ folder, and also it will add an initializer that setups your models for Walruz (config/initializers/walruz_intializer.rb).
If you want to generate new policies, you may do so executing:
$ script/generate walruz_policy policy_name
All policies will be stored on the `lib/walruz/policies` folder. To organize your policies you may use the `lib/walruz/policies` file.
HOW TO USE THE FILTERS
walruz-rails provides the check_authorization method, this method will generate a before_filter for the parameters specified to this method:
class UsersController < ApplicationController before_filter :get_user, :except => :index before_filter check_authorization(:create, :user), :only => [:new, :create] before_filter check_authorization(:read, :user), :only => :show before_filter check_authorization(:update, :user), :only => [:edit, :update] before_filter check_authorization(:destroy, :user), :only => [:delete, :destroy] end
All this invocations will get translated to:
The result of this invocation will be on a controller method called `policy_params`.
Copyright © 2009 Roman Gonzalez. See LICENSE for details.