Simple but Powerful authorization features for Ruby on Rails.
walruz-rails is a Walruz extension that allows you to integrate easily the Walruz authorization framework with Ruby on Rails.
For more information about the functionality of walruz please check the walruz webpage (walruz.rubyforge.org)
-
It provides generators to setup easily your authorization policies
-
It provides filters for ActionController that enhances the invocations for verification of authorizations
walruz-rails provides the check_authorization method, this method will generate a before_filter for the parameters specified to this method:
Example:
class UsersController < ApplicationController before_filter :get_user, :except => :index before_filter check_authorization(:create, :user), :only => [:new, :create] before_filter check_authorization(:read, :user), :only => :show before_filter check_authorization(:update, :user), :only => [:edit, :update] before_filter check_authorization(:destroy, :user), :only => [:delete, :destroy] end
All this invocations will get translated to:
current_user.authorize(action, subject)
The result of this invocation will be on a controller method called ‘policy_params`.
Execute the generator to enable walruz on your project:
$ script/generate walruz
This will generate the policies structure on the lib/ folder, and also it will add an initializer that setups your models for Walruz (config/initializers/walruz_intializer.rb).
If you want to generate new policies, you may do so executing:
$ script/generate walruz_policy policy_name
All policies will be stored on the ‘lib/walruz/policies` folder. To organize your policies you may use the `lib/walruz/policies` file.
Copyright © 2009 Roman Gonzalez. See LICENSE for details.