Petergate
If you like the straight forward and effective nature of Strong Parameters and suspect that cancan might be overkill for your project then you'll love Petergate's easy to use and read action and content based authorizations."
-- 1 Peter 3:41
Installation
Add this line to your application's Gemfile:
gem 'petergate'
And then execute:
bundle
Or install it yourself as:
gem install petergate
Setup Authentication
Make sure your user model is defined in app/models/user.rb and called User.
If you're using devise you're in luck, otherwise you'll have to add following methods to your project:
user_signed_in?
current_user
after_sign_in_path_for(current_user)
authenticate_user!
Finally you can run the generators
rails g petergate:install
rake db:migrate
This will add:
petergate(roles: [:admin], multiple: false) # default value is false
to your User model.
Usage
Setup permissions in your controllers the same as you would for a before filter like so:
access all: [:show, :index], user: {except: [:destroy]}, company_admin: :all
# one other option that might seem a bit weird is to put a group of roles in an array:
access [:all, :user] => [:show, :index]
Inside your views you can use logged_in?(:admin, :customer, :etc) to show or hide content.
<%= link_to "destroy", destroy_listing_path(listing) if logged_in?(:admin, :customer, :etc) %>
If you need to access available roles within your project you can by calling:
User::ROLES
# or from an instance
User.first.available_roles
# ROLES is a CONSTANT and will still work from within the User model instance methods
# like in this default setter:
def roles=(v)
self[:roles] = v.map(&:to_sym).to_a.select{|r| r.size > 0 && ROLES.include?(r)}
end
Credits
PeterGate is written and maintaned by Isaac Sloan and friends.
Currently funded and maintained by RingSeven
Contributing
- Fork it ( https://github.com/isaacsloan/petergate/fork )
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request