Arpa
Authorization Gem for Ruby and Ruby on Rails projects.
Installation
Add this line to your application's Gemfile:
gem 'arpa'
And then execute:
$ bundle
Or install it yourself as:
$ gem install arpa
After you install Arpa and add it to your Gemfile, you need to run the generator:
$ rails generate arpa:install
This command will create some files that are needed to run the Gem.
| File | Purpose |
|---|---|
| db/migrate/20140120201010_create_arpa_tables.rb | Migration to create all the Arpa tables in your database (your file name will include a different timestamp) |
| config/locales/arpa.en.yml | Locales to use in Arpa classes |
| app/assets/stylesheets/arpa/arpa_accordion.scss | Basic stylesheet to use with Arpa views |
| app/controllers/arpa/resources_controller.rb app/controllers/arpa/roles_controller.rb app/controllers/arpa/profiles_controller.rb | Controllers to use the CRUD actions for each one |
| app/views/arpa/resources/ app/controllers/arpa/roles/ app/controllers/arpa/profiles/ | All views to use the CRUD actions for each controller above |
| config/routes.rb | Routes for all Arpa resources are added to this file |
After running the generator, you need to run the migration to create all Arpa tables:
$ rake db:migrate
Note: The migration will create an association table between Profiles and Users (the Users must exist in your application before adding the Gem).
Usage
First of all, you must create the Resources, Roles and Profiles (each is available at the paths listed in a section below). After that, you need to associate Profiles with Users (to do this, you need to create the association form view yourself, saving some profiles to a user). Once that is done, you can use the helpers generated by Arpa.
Association between Profiles and Users
You just need to have a method called :profile_ids in the User model. This method should return a list of ids of the profiles associated with the user.
To get it, add an HABTM association to the User model:
class User < ActiveRecord::Base
  has_and_belongs_to_many :profiles, class_name: 'Arpa::Repositories::Profiles::RepositoryProfile'
end
With this you will be able to use the :profile_ids method.
Controller helpers
Arpa will create some helpers to use inside your controllers and views.
To verify whether a user has access to some :controller and :action, use the following helper:
has_access?('users', 'index')
To reset the session permissions created by Arpa, use the following helper:
Note: For these helper methods to work, you must have :session (a Rails app already has it) and a :current_user attribute or method.
If you want to use these methods inside another object, you should use the Arpa::Services::Verifier class.
You just need to pass the :session and :current_user as arguments:
verifier = Arpa::Services::Verifier.new(session, current_user)
verifier.has_access?('users', 'index')
verifier.
Controller Filter
If you want to create a filter that verifies whether the current_user has access and, if not, redirects to another route, you can do this:
Create a method in ApplicationController and add it as a before_filter callback from Rails:
class ApplicationController < ActionController::Base
  # On Rails 5.1 and later use before_action (before_filter was removed).
  before_filter :authorize_user

  private

  # Redirects unless the current user may call the requested controller/action.
  def authorize_user
    controller = params[:controller]
    action = params[:action]
    redirect_to some_url unless has_access?(controller, action)
  end
end
Note: The has_access? method comes from the Controller Helper methods that the Arpa gem creates.
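Because Arpa keeps permissions in the session (hence the reset helper mentioned above), an access check can keep answering from old data after a user's profiles change. The following added example is not Arpa's code: SessionCachedVerifier, GRANTS and the session key are hypothetical stand-ins, with constructed sample data, that model a deny-by-default check and show why the cache must be reset when profiles are revoked.

```ruby
# Added illustration: a stand-in for a session-cached verifier. This is NOT
# Arpa's implementation; class, constant and key names are hypothetical.
User = Struct.new(:profile_ids)

# Constructed sample data: profile id => permitted [controller, action] pairs.
GRANTS = {
  1 => [%w[users index], %w[users show]],
  2 => [%w[users destroy]]
}.freeze

class SessionCachedVerifier
  CACHE_KEY = :permissions # hypothetical session key

  def initialize(session, current_user)
    @session = session
    @current_user = current_user
  end

  # Deny by default: no user, no profiles or an unknown pair all return false.
  def has_access?(controller, action)
    permissions.include?([controller.to_s, action.to_s])
  end

  # Call whenever the user's profiles change, and at login and logout.
  def reset_permissions
    @session.delete(CACHE_KEY)
  end

  private

  # Permissions are computed once and then served from the session.
  def permissions
    @session[CACHE_KEY] ||= load_permissions
  end

  def load_permissions
    return [] if @current_user.nil?
    Array(@current_user.profile_ids).flat_map { |id| GRANTS.fetch(id, []) }.uniq
  end
end

# Returns [before_revoke, stale_after_revoke, after_reset] for users#destroy.
def stale_cache_demo
  session = {}
  user = User.new([1, 2])
  verifier = SessionCachedVerifier.new(session, user)
  before = verifier.has_access?('users', 'destroy')
  user.profile_ids = [1] # profile 2 revoked
  stale = verifier.has_access?('users', 'destroy')
  verifier.reset_permissions
  [before, stale, verifier.has_access?('users', 'destroy')]
end
```

The middle value returned by stale_cache_demo is the one to watch: the revoked permission is still granted until the session cache is cleared.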
Information
After running the generator, you will be able to access the following paths for each Controller created:
| Prefix | Verb | URI Pattern | Controller#Action |
|---|---|---|---|
| generate_resources_and_actions_resources | GET | /resources/generate_resources_and_actions(.:format) | arpa/resources#generate_resources_and_actions |
| resources | GET | /resources(.:format) | arpa/resources#index |
| | POST | /resources(.:format) | arpa/resources#create |
| new_resource | GET | /resources/new(.:format) | arpa/resources#new |
| edit_resource | GET | /resources/:id/edit(.:format) | arpa/resources#edit |
| resource | GET | /resources/:id(.:format) | arpa/resources#show |
| | PATCH | /resources/:id(.:format) | arpa/resources#update |
| | PUT | /resources/:id(.:format) | arpa/resources#update |
| | DELETE | /resources/:id(.:format) | arpa/resources#destroy |
| | DELETE | /roles/:id(.:format) | arpa/roles#remove |
| roles | GET | /roles(.:format) | arpa/roles#index |
| | POST | /roles(.:format) | arpa/roles#create |
| new_role | GET | /roles/new(.:format) | arpa/roles#new |
| edit_role | GET | /roles/:id/edit(.:format) | arpa/roles#edit |
| role | GET | /roles/:id(.:format) | arpa/roles#show |
| | PATCH | /roles/:id(.:format) | arpa/roles#update |
| | PUT | /roles/:id(.:format) | arpa/roles#update |
| | DELETE | /roles/:id(.:format) | arpa/roles#destroy |
| | DELETE | /profiles/:id(.:format) | arpa/profiles#remove |
| profiles | GET | /profiles(.:format) | arpa/profiles#index |
| | POST | /profiles(.:format) | arpa/profiles#create |
| new_profile | GET | /profiles/new(.:format) | arpa/profiles#new |
| edit_profile | GET | /profiles/:id/edit(.:format) | arpa/profiles#edit |
| profile | GET | /profiles/:id(.:format) | arpa/profiles#show |
| | PATCH | /profiles/:id(.:format) | arpa/profiles#update |
| | PUT | /profiles/:id(.:format) | arpa/profiles#update |
| | DELETE | /profiles/:id(.:format) | arpa/profiles#destroy |
License
MIT License. Copyright Rachid Calazans.