"Acts as" extension which provides the capabilities to restrict system access to authorized users. This ACL-based security model is designed as a role-based access control, where each role can be a group of users.

Install

To install as a plugin:

  script/plugin install git://github.com/cyril/acts_as_privilege.git

Generate and apply the migration:

  script/generate acts_as_privilege model
  rake db:migrate

Then you can populate Ability and Entity models using something like that:

  rest_actions = %w[index show new create edit update destroy]
  controllers = {
    :groups => rest_actions,
    :users => rest_actions,
    :articles => rest_actions,
    :comments => rest_actions }

  controllers.each_pair do |controller, actions|
    entity = Entity.create(:name => controller.to_s)
    actions.each do |action|
      Ability.create(:name => action, :entity_id => entity.id)
    end
  end

Example

  script/generate acts_as_privilege Group
  rake db:migrate

  class Group < ActiveRecord::Base
    acts_as_privilege
    has_many :users
  end

  # Check the current user capability to destroy articles:
  current_user.group.has_privilege?('articles', 'destroy')

  # Form helper that generate field to manage group privileges:
  <%= privileges_field(@group, :group) %>

Copyright © 2009 Cyril Wack, released under the MIT license