Acts as privilege

Acts as privilege is a plugin for Ruby on Rails that provides the capabilities to restrict controller actions to privileged resources.

This ACL-based security model is designed as a role-based access control, where each role can be a group of users.

Philosophy

General library that does only one thing, without any feature.

Installation

Include the gem in your Gemfile:

gem 'acts_as_privilege'

And run the bundle command. Or as a plugin:

rails plugin install git://github.com/cyril/acts_as_privilege.git

Then, generate files and apply the migration:

rails generate privileges model
rake db:migrate

At this point, Privilege model can be populated with:

rest_actions = %w(index show new create edit update destroy)
controllers = {
  :groups   => rest_actions,
  :users    => rest_actions,
  :articles => rest_actions,
  :comments => rest_actions }

Privilege.transaction do
  controllers.each_pair do |controller, actions|
    actions.each do |action|
      Privilege.create! :route => [controller, action].join('#')
    end
  end
end

Example

rails generate privileges group
rake db:migrate

# app/models/group.rb
class Group < ActiveRecord::Base
  acts_as_privilege

  has_many :users
end

# Check the current user capability to destroy articles:
current_user.group.privilege?('articles#destroy') # => false

# Form helper that generates field to manage group privileges:
<%= privileges_field f %>

Copyright © 2009-2011 Cyril Wack, released under the MIT license