Plugins - redpill_access_control
Add to favoritesHas this ever happened to you?
You want to:
- implement an easy role-based permissions system
- control fine-grained access to controllers, actions and resources
- easily specify in your views and helpers which links can be accessed based on a user’s role
- use a clean, well-tested domain-specific language to express your access restrictions
- avoid polluting your views with complex access rules.
Then this plugin is what you want. It was developed out of a real need and is currently alive and well on a production site.
Features:
- Clean dsl to restrict access in your controllers.
class MyController restrict_access_to(Roles::Administrator, :action => :destroy) end
- Access control by url is easy.
link_to_if_authorized("People,{:action => :index }) access_authorized_to_url?("http://exampel.com/users/1/edit") - Smart and context aware role validation. Makes roles such as Owner or Creator a simple thing to implement.
module Roles
module Owner
def self.validate(context)
user = context.send(:current_user)
resource = context.send(:current_resource) if context.respond_to?(:current_resource,true)
user.extend(Roles::Owner) if resource.respond_to?("owner") && resource.owner == user
user.is_a? Roles::Owner
end
end
end
Documentation: http://rdoc.redpill.se/redpill_access_control/
Download and install: script/plugin install http://svn.redpill.se/rails_plugins/redpill_access_control
To see a real world use case, check out: http://trac.redpill.se/public-crm/browser
