Hello!
Authorizer is a gem that enables you to authorize on a per-object basis.
For
example, on a private blog, one user could be ‘editor’ of one blog post,
where another user is merely a ‘reader’ of the same post. Authorizer
also
has a ‘find’ method that lists the objects that belong to a certain
user.
This merely maps to ActiveRecord::Base.find, so hardly any syntax
difference.
e.g.
u1 = User.first
u2 = User.last
p = Post.create!( :name => “This is my post”, :body => “This is a long
story
about my post …” )
Authorizer::Base.authorize_user( :object => p, :user => u1 ) # Now u1 is
authorized to this object
Authorizer::Base.find(“Post”, :first, nil, :user => u1) # => p
Authorizer::Base.find(“Post”, :first, nil, :user => u2) # => nil
The gem does everything I need it to do for myself. However, I believe
it
could do so much more since virtually every app needs to have some form
of
authorization.
If you are in the midst of rolling your own auth solution, or happen to
be
looking for such a thing, maybe check out Authorizer and we could pimp
it to
meet the needs of more people out there.
All the best,
CmdJohnson