Skip to content

A Role and Subject based approach to authorization which should work with devise (actually, with anything providing a current_user helper)

License

Notifications You must be signed in to change notification settings

saten/devise_restful_auth

Repository files navigation

devise_restful_auth

First, I’m sorry to have the wheel reinvented one more time.

This gem should help developers who need fine grained control over authorization.

Authorization is meant to be bound to a subject, usually the current_user, an object (which should be inferred from the controller) and a controller/action couple.

Authorization info is stored in the Permission model. There is support for both role based and subject based authorization.

More info, a basic guide and something else should come soon.

Needed Migrations

create_table "permissions", :force => true do |t|
  t.string    "controller"
  t.string    "action"
  t.timestamp "created_at"
  t.timestamp "updated_at"
end

create_table "subject_permissions", :force => true do |t|
  t.integer   "subject_id"
  t.string    "subject_type"
  t.integer   "item_id"
  t.string    "item_type"
  t.integer   "permission_id"
  t.timestamp "created_at"
  t.timestamp "updated_at"
end

You should provide yourself the models for the above migrations w/ routes. A scaffold is a good way at the present time.

Contributing to devise_restful_auth

  • Check out the latest master to make sure the feature hasn’t been implemented or the bug hasn’t been fixed yet

  • Check out the issue tracker to make sure someone already hasn’t requested it and/or contributed it

  • Fork the project

  • Start a feature/bugfix branch

  • Commit and push until you are happy with your contribution

  • Make sure to add tests for it. This is important so I don’t break it in a future version unintentionally.

  • Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.

Copyright © 2010 saten. See LICENSE.txt for further details.

About

A Role and Subject based approach to authorization which should work with devise (actually, with anything providing a current_user helper)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages