Abstract authorization solution for Rails.
Ruby
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
spec
.gitignore
.rvmrc
.travis.yml
Gemfile
Gemfile.lock
README.md
Rakefile
init.rb
maymay.gemspec

README.md

Build Status

MayMay is a dead simple auth solution for Rails without any magic

Installation

gem 'maymay'
# gem 'maymay', github: 'redstonelabs/maymay'

Usage

ability = MayMay::Ability.new(user)

ability.may :create, :posts
ability.may? :create, :posts # => true

ability.may :show, :posts do |user, post|
  user.id == post.user_id
end
ability.may? :show, :posts, post # => true

That's it!

How it works with Rails

class ApplicationController < ActionController::Base
  def ability
    ability = MayMay::Ability.new(current_user)
    # define abilities (inline, from db, how you wanna)
    ability
  end
end

class PostsController < ApplicationController
  def show
    @post = Post.find(params[:id])
    authorize! :show, :posts, @post
  end
end

If you are not authorized you'll get an MayMay::Unauthorized exception.

If you make a typo you'll get an MayMay::UndefinedAbility exception.

Yep. It's a simplified cancan gem.