Links
Authorization
Categories
Authorization
Adds a flexible mechanism for authorization. Differs from other authorization systems in the following ways: (1) You can specify roles programmatically with model code or use a mixin to keep roles in a database. (2) The plugin uses a clean language for specifying authorization expressions. (3) Ability to handle roles on instances of a model. (4) Rights are explicitly declared in controller and view code. (5) Different levels of authorization complexity are provided through mixins available with the plugin. If you don�t want to use the database for authorization, you mixin a HardwiredRoles module. If you want full database support for roles on model instances, you mixin the ObjectRolesTable module.
Vitals
| Home | http://www.writertopia.com/developers/authorization |
|---|---|
| Repository | http://github.com/DocSavage/rails-authorization-plugin |
| License | Rails' (MIT) |
| Tags |
acts_as_authenticated authentication authorization rbac RoleRequirement roles rubyonrails security test_driven
|
| Rating | (24 votes) |
| Owner | Bill Katz |
| Created | 18 May 2006 |
Comments
-
Can we use this at controller level? Say , I have list of actions in a controller that only Admin can do, but this controller has no model as such.
-
this plugin is great, any chance it will be updated for rails 2? i'm getting when running autotest
http://pastie.caboo.se/148454
-
Michael14 February 2008
matt, you might want to log & post the method_id that is causing the infinite loop. it would contribute somewhat to identifying the problem.
-
Note that the repository has moved to git. I'm adding some muscle to the administration of the project, so submitted patches will hopefully be looked at and incorporated when useful.
