[ANN] Authorization Plugin 1.0 release candidate + 3 test ap

In honor of RailsConf, I’m releasing an authorization plugin with 3
test apps that show you how to use the system. A reasonably lengthy
description can be found here:
http://www.writertopia.com/developers/authorization

I will also be talking about the plugin’s architecture in my RailsConf
talk on Saturday.

Some features:

  • Nice English-like way of expressing permissions through roles and
    the objects which give the scope of the roles. You can say things
    like:
    permit "(matz or dhh) and interested in Answers"

  • The plugin easily handles roles associated with particular model
    instances. You can handle a moderator of meeting #23 as easily as you
    can handle a user being a general “site admin”.

  • You can choose how much database you’ll use for the roles (and the
    complexity of your authorization system) through a choice of mixins.
    Each mixin provides “acts_as_authorized_user” for your User-like
    object and “acts_as_authorizable” for your authorizable objects.

  • The test apps include an integration test with a simple DSL
    developed after reading Chad F.'s most excellent Rails Recipe
    book. The object_roles_test app might be useful as a scaffold for new
    apps that want authentication and authorization.

  • It’s reasonably easy to hook into existing authentication systems.

-Bill

On Jun 22, 2006, at 12:23 AM, Bill K. wrote:


Bill-

Very cool. Congrats on the release. Looking forward to the talk!

-Ezra

Rails mailing list
http://lists.rubyonrails.org/mailman/listinfo/rails

Good stuff, particularly the record level authorization stuff.

I took a quick look through the plugin and didn’t see any helpers for
views.
Using the ‘user_engine’, you can do things like…

link_if_authorized
and
current_user.authorized?

…to make your views appropriate for the user. Can you do this with
this system?
(I may have missed it, haven’t finished my coffee yet.)

_Kevin

On Thursday, June 22, 2006, at 8:54 AM, Bill K. wrote:


Ah, cool!
I’ll have to take a closer look now.

_Kevin

On 22 Jun 2006 12:10:52 -0000, Kevin O. wrote:


Kevin,
Take a look at the init.rb for the plugin:
http://svn.writertopia.com/svn/plugins/authorization/init.rb

You’ll see that the ControllerInstanceMethods module, which contains
permit and permit?, is mixed into ActionView. This allows you to do
things like:

link if permit?("member of :workshop and not crazy")

A slightly older form of the plugin is used in an open sourced
biomedical resource directory called Simbiome
(http://www.simbiome.org). If you look at the view code for a
resource, Jon Dugan (the main programmer for Simbiome, recently
converted to Ruby from Perl) used a view-side permit to show an “edit
this resource” link:

https://simtk.org/websvn/wsvn/simbiome/trunk/rails/app/views/resource/show.rhtml

The permit methods automatically don’t redirect when the object
doesn’t support it.
-Bill
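
The permission strings quoted in this thread, "(matz or dhh) and interested in Answers" and "member of :workshop and not crazy", form a small boolean grammar over roles and scopes. The following is an added example, not the plugin's code and not written by anyone in the thread, showing one way to evaluate such strings without eval and to deny access on any malformed input. DemoUser, PermitExpr, has_role?, the preposition list, and the rule that a capitalised word is a class scope while a :symbol is looked up in a caller-supplied hash are all assumptions.

```ruby
# Constructed stand-in user: roles holds [role, scope] pairs; scope is nil
# (site-wide), a class name string, or one specific object.
DemoUser = Struct.new(:roles) do
  def has_role?(role, scope = nil); roles.include?([role, scope]); end
end

# Hypothetical evaluator for strings like "(matz or dhh) and interested in Answers".
# Recursive descent over a token list; the string is never passed to eval.
class PermitExpr
  PREPS = %w[of in for on to at by].freeze
  WORDS = (%w[and or not] + PREPS).freeze

  def initialize(text, user, objects = {})
    @tokens, @user, @objects = text.scan(/[()]|:?\w+/), user, objects
    @clean = @tokens.join == text.gsub(/\s/, '') # false if stray characters
  end

  # Fail closed: malformed text or an unknown :object denies access.
  def allowed?
    @clean && [parse_or, @tokens.empty?].all?
  rescue ArgumentError, KeyError
    false
  end

  private
  def take(tok); @tokens.shift if @tokens.first == tok; end

  def parse_or
    left = parse_and
    left = [parse_and, left].any? while take('or') # always consume right side
    left
  end

  def parse_and
    left = parse_not
    left = [parse_not, left].all? while take('and')
    left
  end

  def parse_not
    return !parse_not if take('not')
    return parse_or.tap { take(')') or raise(ArgumentError, 'missing )') } if take('(')
    role = @tokens.shift.to_s
    raise ArgumentError, 'role expected' if WORDS.include?(role) || role !~ /\A[a-z]\w*\z/
    return @user.has_role?(role) unless PREPS.include?(@tokens.first)
    target = @tokens.shift(2).last.to_s # drop the preposition, keep the scope
    raise ArgumentError, 'scope expected' unless target =~ /\A(:\w+|[A-Z]\w*)\z/
    @user.has_role?(role, target.start_with?(':') ? @objects.fetch(target[1..].to_sym) : target)
  end
end
```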