sand Build Status Gem Version

A ruby gem for authorization in rack/sinatra applications. Code mostly stolen from Pundit.

Installation

gem install sand

Or in your Gemfile

source "https://rubygems.org"

gem "sand"

Usage

The Pundit policy documentation provides an excellent introduction into creating defining policies.

Once you've built your policies, you can start to use sand. By default, you can include sand in your rack application like so:

require 'sand'
use Sand::Middleware

class MyModel < MyOrm::Model
  # ...
end

class MyModelPolicy
  # ...
end

class Routes
  env['sand'].authorize(user, MyModel, :can_greet?)
  [200, {}, ['Hello world']]
end

MyRackApp = Rack::Builder.new do
  use Sand::Middleware
  run SandApp.new
end

This will add authorize and policy_scope underneath env['sand'], that you can call in your middleware / routes.

Sinatra users can access sand's middleware via helpers by adding Sand::Helpers:

require 'sinatra'

use Sand::Helpers

get '/' do
  user = User.find(params[:user_id])
  accounts = policy_scope(user, Account)
  json accounts: accounts
end