Forum: Ruby on Rails authorization framework?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Larry W. (Guest)
on 2006-03-04 16:07
(Received via mailing list)
There are a number of good authentication frameworks for rails - has
anyone
developed a generic authorization framework?

I'm thinking of something that included the concept of roles, mapped
roles
to both actions and users and could be used to wrap actions before their
invocation.

Extra good would be some way to check data permissions (as in, "yes you
can
perform the 'Edit Dog' action but only for beagles and chessies"), but i
don't know if it's possible to do that well in a general way.

thanks.

Larry
Bob S. (Guest)
on 2006-03-04 16:59
(Received via mailing list)
You could combine Ezra's acl plugin with the new Edge Rails nested
scopes to
accomplish this. How is left as an exercise for the reader.



You can learn more about the acl plugin here:



http://www.brainspl.at/articles/2006/02/20/new-plu...



and the nested scope stuff here:



http://blog.caboo.se/articles/2006/02/22/nested-with_scope





Bob S.

http://www.railtie.net/

  _____

From: removed_email_address@domain.invalid
[mailto:removed_email_address@domain.invalid] On Behalf Of Larry W.
Sent: Saturday, March 04, 2006 6:07 AM
To: removed_email_address@domain.invalid
Subject: [Rails] authorization framework?



There are a number of good authentication frameworks for rails - has
anyone
developed a generic authorization framework?

I'm thinking of something that included the concept of roles, mapped
roles
to both actions and users and could be used to wrap actions before their
invocation.

Extra good would be some way to check data permissions (as in, "yes you
can
perform the 'Edit Dog' action but only for beagles and chessies"), but i
don't know if it's possible to do that well in a general way.

thanks.

Larry
Larry W. (Guest)
on 2006-03-04 17:20
(Received via mailing list)
On 3/4/06, Bob S. <removed_email_address@domain.invalid> wrote:
>
>  You could combine Ezra's acl plugin with the new Edge Rails nested scopes
> to accomplish this. How is left as an exercise for the reader.
>
Thanks. My doctor said I needed more exercise.

  ------------------------------
Ezra Z. (Guest)
on 2006-03-04 19:21
(Received via mailing list)
What Bob said ;) Actually I am working on integrating the nested
with_scope stuff into my acl_system plugin. I think it looks like the
best way to protect model records. I'll let you know when its ready.

-Ezra
Larry W. (Guest)
on 2006-03-04 19:39
(Received via mailing list)
Cool. Thank you.
This topic is locked and can not be replied to.