GateKeeper 0.2 is now available.
GateKeeper is a Ruby on Rails plugin providing natural language commands
to intuitively manage complex access/security permissions on
ActiveRecord models. Permissions may be based on user’s system wide
roles (Admin, Moderator, Employee of the Month) and on user’s
relationship to individual records through ActiveRecord associations.
Version 0.2 adds traversal of eagerly loaded associations to verify read
permissions on loaded objects.
Rdocs and installation instructions available at
http://gatekeeper.rubyforge.org/
As an appetizer, here are some sample permission declarations you can
add to your models for GateKeeper to enforce.
class Article < ActiveRecord::Base
crudable_by_admin
crudable_by_my_author
readable_by_supervisor_of_my_author
updateable_by_supervisor_of_my_author :unless => :first_draft?
readable_by_premium_subscriber :if => :published?
destroyable_as_my_author #inherits ‘destroy’ permissions from author
readable_by_guest :if => lambda { |article| article.published_on <
3.months.ago }
etc. etc. etc