Nitro RBAC + goodies

Nitro RBAC + goodies

Posted by Arne Brasseur (Guest)

on 2007-11-28 09:06

Dear fans and friends of Nitro,

Over the past few days I've coded up a reusable part for your (and my)
Nitro applications. It started out as simply user authentication and
access control, but now also includes a crude CSS builder and a brand
new AssetController. It has role based access control and uses a salted
hash for the password.

What does all of this mean?

There are three Og models : UserACL:: User, Permission and Role. A
permission is defined by a string which is either
'*' => allow everything
'ControllerName' => allow access to all actions of this controller
'ControllerName/action' => allow access to this action (all formats)
'ControllerName/action.format' => allow access to this action for the
specific format

Roles have permissions and users have roles. To add checks to your
controllers you simply do

class SomeController < Nitro::Controller #Necessary to have :authorize
available
  authorize :delete, :create, :update
end

If the current user isn't authorized he gets redirected to the referrer
or home, and an error message is added to the flash.

To set up initial permissions you can use UserACL.init, e.g.

    UserACL.init do
      role 'admin', 'Administrators have full access' do
        user 'admin', 'Mister Admin', 'padmin'
        grant '*'
      end
    end if UserACL::User.all.empty?

The <LoginBox /> element will render a box where one can log in, and a
link to the sign-up page.

The provided <Page></Page> element works together with the asset
controller. These allow elements within the page to define class methods
render_css and render_js. The result will be served as if it's a
seperate css/js file by the AssetController, and the <Page> will make
sure the right <link ...> tag is added to your HTML.

And to top it off you can use the CSSBuilder (which does lack maturity)
to do something like

    css {
      p {
        a {
          font_family :serif
        }
      }
      klass(:emphasis) {
        font_weight :bold
      }

      id(:useracl_loginbox) {
        font_family "sans-serif"
        float:right

        div {
          margin "3px"
        }
   }

The main advantage is that you can nest blocks.

Oh and be sure to check out the <FlashBox /> element!

To get the goods a simple

  svn co http://code.arnebrasseur.net/useracl

should suffice.


Have fun,
(ab)

--
Arne Brasseur
http://www.arnebrasseur.net
http://www.zhongwiki.com
http://www.bankske.org
arne@arnebrasseur.net

Edit | Move | Delete topic | Reply with quote

Re: Nitro RBAC + goodies

Posted by George Moschovitis (Guest)

on 2007-11-28 09:25

This looks like an interesting bundle of goodies :) Many thanks for
releasing this!
I will have a look when I return home.

MANY thanks!
-g.

Edit | Delete | Reply with quote

Re: Nitro RBAC + goodies

Posted by Trans (Guest)

on 2007-11-28 15:00

On Nov 28, 3:05 am, Arne Brasseur <a...@arnebrasseur.net> wrote:

>         font_weight :bold
>
> The main advantage is that you can nest blocks.
>
> Oh and be sure to check out the <FlashBox /> element!

Nice. Some of this might make a good fit for blow.

T.

Edit | Delete | Reply with quote

Enable email notification |

Enable multi-page view

This topic is locked and can not be replied to.

Forum: Nitro Nitro RBAC + goodies