RoleRequirement

RoleRequirement is a limited-purpose authorization plugin for Rails apps. It performs controller-level authorization checks against a Roles table. No unit-level authorization is provided.

The design pattern bears an uncanny resemblance to DHH's SslRequirement plugin. That's because it's modeled after it (thanks DHH).

This plugin assumes that you have a User model that has_one Role. The Role model can look like anything as long as it has a #name attribute. It also looks for a current_user method in your controller.

to enable the plugin, include the RoleRequirement module in your ApplicationController.

Example

class ApplicationController < ActiveRecord::Base include RoleRequirement end

class UsersController < ApplicationController require_role :administrator, :new, :create, :edit, :update, :destroy

def index
  # no authorization required
end

def new # create, edit, update, destroy
  # Must be an administrator
end

end

class ArticlesController < ApplicationController require_role [:administrator, :author], :index, :show, :new, :create, :edit, :update

def :index # show, new, create, edit, update
  Must be an administrator or an author
end

end

Contributors

• Ryan Heneise
• Special thanks for David Heinemeier Hansson for the design pattern that this plugin follows.

Copyright (c) 2008 Ryan Heneise, released under the MIT license.

"Rails" and "Ruby on Rails", are trademarks of David Heinemeier Hansson. All rights reserved.