Allow

A very small authorization library.

It packs a surprising punch for being 26 lines of code.

Installation

gem install allow

Usage

require 'allow'

# An actor: any object whose permissions you want Allow to check.
class User
  # Mixing in Allow::Actor is what gives you a :can? method.
  include Allow::Actor
end

# A resource that remembers who wrote it, so a permitter method can
# compare the acting user against the owner.
class Post
  # @param author [Object] whoever owns this post
  def initialize(author)
    @author = author
  end

  # Read-only on purpose: no writer is defined, so the owner is set once
  # at construction time.
  #
  # @return [Object] the owner passed to the constructor
  def author
    @author
  end
end

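# You can call your permissions-checking class whatever you want,
# just be sure to include Allow::Permissions.
class Permissions
  include Allow::Permissions    # Gives you :permitted?, though you won't
                                # be using it directly very much.

  # Permitter for the :update_post action: only the post's author may
  # update it.
  #
  # Note: all permitter methods must accept at least 1 argument - they will
  # always receive an `actor` argument. Everything else is up to you.
  #
  # @param user [Object, nil] the actor asking for permission
  # @param post [#author] the post being updated
  # @return [Boolean] true only when a non-nil actor is the post's author
  def update_post(user, post)
    # Fail closed: without this guard a nil (anonymous) actor would be
    # allowed to update a post whose author is also nil, because
    # nil == nil is true.
    return false if user.nil?

    user == post.author
  end
end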

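# Tell Allow about your Permissions class
Allow.permissions = Permissions.new

# Create some objects
author = User.new
reader = User.new
post   = Post.new(author)

# Users have a :can? method. The action symbol names a permitter method
# on your Permissions object, so keep it a literal in your code rather
# than building it from request input.
author.can?(:update_post, post)       # => true
reader.can?(:update_post, post)       # => false

# Alternatively (and equivalently):
Allow.ed?(author, :update_post, post) # => true
Allow.ed?(reader, :update_post, post) # => false

# Both :can? and Allow.ed? accept an optional block that
# only gets executed if the permitter method returns a truthy
# value. Only the code inside the block is guarded; anything after
# the call runs whatever the permission result was.

blocks_called = []

author.can?(:update_post, post) do
  # Push the bare symbol: pushing [:author_block] would nest an array and
  # the final value would be [[:author_block]] instead of the one shown.
  blocks_called << :author_block # this gets run
end

reader.can?(:update_post, post) do
  blocks_called << :reader_block # this does NOT get run
end

blocks_called # => [:author_block]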