Skip to content

adamliesko/righter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits

app/models

app/models

 
 

db/migrate

db/migrate

 
 

lib

lib

 
 

test

test

 
 

.coveralls.yml

.coveralls.yml

 
 

.gitignore

.gitignore

 
 

.ruby-version

.ruby-version

 
 

.travis.yml

.travis.yml

 
 

Gemfile

Gemfile

 
 

Gemfile.lock

Gemfile.lock

 
 

LICENSE

LICENSE

 
 

MIT-LICENSE

MIT-LICENSE

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

righter.gemspec

righter.gemspec

 
 

Repository files navigation

Righter

Gem Version Build Status Coverage Status Codeclimate CI Docs Join the chat at https://gitter.im/adamliesko/righter

Righter is a Ruby on Rails security engine, which is based on Roles, Resources and User models. You can think of it as ab authorization engine, that provides somewhat similar features to the Pundit and cancancan albeit from a very different viewpoint. The difference is that Righter allows you to define those rights on the database level and tie them up to your User model (which can be in fact any Model). With Righter you can restrict and control access on the resource_class level or resource_id level as you will see in the examples. Currently on version 0.0.1 only ActiveRecord is supported.

Installation

In Rails 4 and 5, add this to your Gemfile and run the bundle install command.

    gem 'righter', '~> 0.0.1'

Getting Started

Righter bring two important models into the game - RighterRole and RighterRight. The third one, which roles and rights are associated with is your User model (abstract) - that you can specify to be for example Subscriber or Player.

User

Righter expects from your user model to define a .current_user method that should represent the current user interacting with the application whether it is in case of rights and role management or in any other case. As mentioned previously you can safely use any other of your Models to act as a User in Righter. By including RighterForUser you enable RIghter to provide you the relation with roles and whole right management.

class User < ActiveRecord::Base
  include RighterForUser
  cattr_accessor :current_user
end

Most probably you would like to add or remove roles and check whether a User has a right to do concrete action on a certain Resource. For these use cases Righter provides add_role, remove_role and can? methods.

Controller

The general idea behind Controller addition is to include it directly to your ApplicationController, hence the name of the module RighterForApplicationController.

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  include RighterForApplicationController
end

This Controller addition brings up two useful methods enforce_righter and enforce_resource_security. The enforce_righter is implemented as a before_filter/before_action method, which automatically checks for a certain User whether he can access this concrete controller action. There are situations in which you would probably prefer to skip these filter - e.g. - unsigned user, public page etc. What need a more closer look from you as a developer is method enforce_resource security which acts as a load_and_authorize_resource in cancancan .

class SongsController < ApplicationController
  def show
    @song = Song.find(params[:id])
  end

  def play
    @song = Song..find(params[:id])
    enforce_resource_security(:play, @song)
    render :play
  end

  def promote
    @song = Song.find(params[:id])
    enforce_resource_security(:promote, @song)
    render :promote
  end
end

Resource

In your Resource models you have to inject RighterForResource module.

class Song < ActiveRecord::Base
  include RighterForResource

In order to enable advanced and convenient feature of auto management of rights, go ahead and use auto_manage_righter_right method with right's name. By default, the right is created and destroyed automatically for each of your RighterRoles on respective occasions. With the auto_associate_roles option you can specify an array of names of your RighterRoles for which you want to enable the auto_manage_righter_right method.

 class Song < ActiveRecord::Base
   include RighterForResource
   auto_manage_righter_right :play
   auto_manage_righter_right :promote, auto_associate_roles: [:admin, :vip]

Righter allows you to nest and structure your rights as a tree with the use of a parent_right option, which also accepts a lambda block of code to define the parent_right.

auto_manage_righter_right :delete, parent_right: ->(song) { song.album.righter_right(:build).name }

For a more detailed and concrete example of righter usage, please do take a look at the dummy app located in the tests folder. For explanation of some of the edge use cases consider the tests.

Errors

Righter implements three separate Exceptions, which are always being filled with detailed and descriptive message to help you figure out your trouble.

class RighterError < StandardError
end

class RighterArgumentError < StandardError
end

class RighterNoUserError < RighterError
end

I want to help! Contributions guide

  1. Clone the repo.
  2. Create a separate branch (to prevent unrelated updates).
  3. Apply your changes.
  4. Create a pull request.
  5. Describe what has been done.

License

The MIT License.

About

Rails role based security authorization engine for your user models and resources

Topics

authorization cancancan role-based-access-control

Resources

Readme

License

MIT, MIT licenses found

Licenses found

MIT
LICENSE
MIT
MIT-LICENSE
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages