A11n
A11n handles authorization for Rails controllers! It's simple to use and extend.
Installation
Add this line to your application's Gemfile:
gem "a11n"
And then execute:
$ bundle
Or install it yourself as:
$ gem install a11n
Usage
class Admin::ProductController < ApplicationController
:create, [:admin, :support_staff]
:destroy, [:admin]
def create
product = Production.new(product_params)
product
end
def destroy
product = Production.find(params[:id])
product
end
end
class CommentsController < ApplicationController
:destroy, [:belongs_to_user?, :admin?, :moderator?]
def destroy
comment = Comment.find(params[:id])
comment
end
end
class AdminPolicy < A11n::BasePolicy
def
user.admin?
end
end
class BelongsToUserPolicy < A11n::BasePolicy
def
record.user == user
end
end
Advanced Usage
class CommentUpvotesController < ApplicationController
:create, [:confirmed_user?]
:create, -> { !BLACKLISTED_IPS.inclue?(request.ip)}
def create
upvote = CommentUpvote.new(upvote_params)
upvote # authorizes the upvote if it
return
# do work
end
end
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/stevendanils/a11n.