This a component of the Yogo Data Management Toolkit. It has been developed as a rails engine to keep the implementation separate from data management components. It provides authentication, with the help of Authlogic, and authorization for a rails application. Default controller, models, and views are provided with this component, but may be overwritten in a Rails app.
The goals of this component are to provide a flexible and customizable authentication and authorization system that is implemented separately from the main app. A minimal number of changes to a rails app are needed to fully utilize yogo-.
Due to apparent limitations in the way Rails loads engines, Yogo currently only works as a plugin.
The current recommended way to install this plugin is as a git submodule. This link shows a great example of how to install rails plugins as git submodules:
github.com/guides/using-git-submodules-to-track-plugins
This plugin/engine requires the following gems to be installed (many are the same as a yogo app):
-
authlogic
-
dm-core
-
rails_datamapper
-
dm-validations
-
dm-timestamps
-
dm-aggregates
-
dm-is-nested_set
-
dm-ar-finders
-
ruby-net-ldap
-
authlogic_ldap
A class named ‘User’ needs to be created in RAILS_ROOT/app/models and the class needs to include the YogoUser module. Associations for your application can and any methods may be added to this model.
Example:
require 'authlogic' class User include Yogo::YogoUser # An association with another model has n, :drops, :child_key => [ :user_id ] # A useful method def puts_moo puts 'moo' end end In drop.rb class Drop include DataMapper::Resource property :id, Serial belongs_to :user, :model => 'User' end
This component provides other controllers, views, and models for managing users, groups, and permissions with sensible default permissions.
A rake task is provided to create the tables in the database and create a sysadmin user and password.
rake yogo:load_default_info
To use the authentication and authorization components, include Yogo::AuthenticatedSystem and Yogo::AuthorizationSystem in application_controller.rb
Example:
class ApplicationController < ActionController::Base include Yogo::AuthenticatedSystem include Yogo::AuthorizationSystem end
These two modules add several methods to the controllers to help control access.
To require a logged in our logged out user: require_user :for => [:create, :new] login_required
require_no_user
To require a user with particular credentials:
authorize_group :sysadmin, :for => :create
Several new controllers and routes are added to the system.
user_session.rb is for authenticating users, and is available to non logged in users.
The remaining controllers require a user in the sysadmin group. They can be access through /users /requirements - For setting login requirements for controllers/actions /groups /groups/:id/permissions - for setting Authorization requirements for controllers/actions
LDAP Support can be added by editing ‘app/models/yogo_/user_session.rb’. In the future there will be a better way to enable ldap support.
-
LDAP Support
-
Create a way to configure this plugin from the initializers.
-
Write more tests
-
Decide where to redirect when authorization fails
-
Develop a model permissions component
-
Clean up the views
-
Merge corresponding restful actions new/create edit/update
-
Refactor the naming of various items.
-
Add a password changing functionality.
-
Add email messages for when a user is created.
-
Add useful information to Yogo::Controller model, a description field for the controllers, etc.
This is the standard OSI approved MIT license.
Copyright © 2009 Montana State University
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.