  • Language
    Ruby
  • License
    MIT License
  • Created about 10 years ago
  • Updated about 3 years ago

Repository Details

Easy to use and read action and content based authorizations.

Petergate

"If you like the straightforward and effective nature of Strong Parameters and suspect that cancan might be overkill for your project then you'll love Petergate's easy to use and read action and content based authorizations."

-- 1 Peter 3:41

Installation

Get the gem

Add this line to your application's Gemfile:

gem 'petergate'

And then execute:

bundle

Or install it yourself as:

gem install petergate

Prerequisites: Setup Authentication (Devise)

Make sure your user model is defined in app/models/user.rb and called User.

If you're using Devise you're in luck; otherwise you'll have to add the following methods to your project:

current_user
after_sign_in_path_for(current_user)
authenticate_user!

Run the generators

rails g petergate:install
rake db:migrate

This will add a migration and insert petergate into your User model.

Usage

User Model

Configure available roles by modifying this block at the top of your user.rb.

############################################################################################
## PeterGate Roles                                                                        ##
## The :user role is added by default and shouldn't be included in this list.             ##
## The :root_admin can access any page regardless of access settings. Use with caution!   ##
## The multiple option can be set to true if you need users to have multiple roles.       ##
petergate(roles: [:admin, :editor], multiple: false)                                      ##
############################################################################################

Instance Methods

user.role             # => :editor
user.roles            # => [:editor, :user]
user.roles = v        # sets roles
user.available_roles  # => [:admin, :editor]
user.has_roles?(:admin, :editor) # returns true if the user has any of the roles passed in as params.

Class Methods

User.role_editors # => list of editors. A method is created for every role: roles [:admin, :teacher] will have the corresponding methods role_admins, role_teachers, etc.

Controllers

Set up permissions in your controllers the same way you would a before filter:

access all: [:show, :index], user: {except: [:destroy]}, company_admin: :all

# one other option that might seem a bit weird is to put a group of roles in an array:
access [:all, :user] => [:show, :index]
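
How such an access line resolves for a given user, as an added stand-alone example (a simplified model, not Petergate's implementation). It assumes all also covers visitors who are not signed in; ACTIONS, expand, normalize and allowed? are hypothetical names.

```ruby
# Simplified model of Petergate-style access rules (illustration only).
ACTIONS = [:index, :show, :new, :create, :edit, :update, :destroy].freeze

# Expand one rule value into the list of actions it permits.
def expand(value)
  case value
  when :all  then ACTIONS
  when Array then value
  when Hash  then ACTIONS - Array(value[:except])
  else raise ArgumentError, "unknown rule value: #{value.inspect}"
  end
end

# Map every role to its permitted actions. A key that is an array of roles
# grants the same actions to each of them; :message is not a role.
def normalize(rules)
  rules.each_with_object({}) do |(roles, value), table|
    next if roles == :message
    Array(roles).each { |role| table[role] = (table[role] || []) | expand(value) }
  end
end

# roles: the user's assigned roles, or nil for a visitor who is not signed in.
def allowed?(rules, roles, action)
  return true if roles&.include?(:root_admin)   # bypasses every rule
  effective = [:all]                             # assumption: applies to everyone
  effective += roles + [:user] if roles          # :user is implicit once signed in
  table = normalize(rules)
  effective.any? { |role| table.fetch(role, []).include?(action) }
end

RULES = { all: [:show, :index], user: { except: [:destroy] }, company_admin: :all }.freeze

if __FILE__ == $0
  [[nil, :show], [nil, :edit], [[], :edit], [[], :destroy],
   [[:company_admin], :destroy], [[:root_admin], :destroy]].each do |roles, action|
    puts "#{roles.inspect} #{action}: #{allowed?(RULES, roles, action)}"
  end
end
```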

Inside your views you can use logged_in?(:admin, :customer, :etc) to show or hide content.

<%= link_to "destroy", destroy_listing_path(listing) if logged_in?(:admin, :customer, :etc) %>

If you need to access the available roles within your project, you can do so by calling:

User::ROLES
# or from an instance
User.first.available_roles
# ROLES is a CONSTANT and will still work from within the User model instance methods
# like in this default setter:

def roles=(v)
  self[:roles] = v.map(&:to_sym).to_a.select{|r| r.size > 0 && ROLES.include?(r)}
end

If you need to deny access you can use the forbidden! method:

before_action :check_active_user

def check_active_user
  forbidden! unless current_user.active
end

If you want to change the permission denied message you can add to the access line:

access user: [:show, :index], message: "You shall not pass"

User Admin Example Form for Multiple Roles

= form_for @user do |f| 
  - if @user.errors.any? 
    #error_explanation 
      h2 = "#{pluralize(@user.errors.count, "error")} prohibited this user from being saved:" 
      ul 
        - @user.errors.full_messages.each do |message| 
          li = message 
 
  .field 
    = f.label :email 
    = f.text_field :email 
  - if @user.new_record? || params[:passwd] 
    .field 
      = f.label :password
      = f.password_field :password
    .field
      = f.label :password_confirmation
      = f.password_field :password_confirmation
  .field 
    = f.label :roles 
    = f.select :roles, @user.available_roles, {}, {multiple: true} 
  .actions = f.submit 

User Admin Example Form for Single Role Mode

= form_for @user do |f| 
  - if @user.errors.any? 
    #error_explanation 
      h2 = "#{pluralize(@user.errors.count, "error")} prohibited this user from being saved:" 
      ul 
        - @user.errors.full_messages.each do |message| 
          li = message 
 
  .field 
    = f.label :email 
    = f.text_field :email 
  - if @user.new_record? || params[:passwd] 
    .field 
      = f.label :password
      = f.password_field :password
    .field
      = f.label :password_confirmation
      = f.password_field :password_confirmation
  .field 
    = f.label :role 
    = f.select :role, @user.available_roles
  .actions = f.submit 
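
An added example (not part of Petergate or its README) showing why the roles field from the admin forms above should only be accepted from an admin: the default setter's allow-list drops unknown roles but still accepts :admin from whoever submits it. The User stand-in, permitted_user_attrs and update_user are hypothetical names.

```ruby
# Constructed stand-in for the User model; not Petergate's own code.
class User
  ROLES = [:admin, :editor].freeze   # as configured with petergate(roles: [...])
  attr_accessor :email

  def initialize(email)
    @email = email
    @roles = []
  end

  def roles
    @roles + [:user]                 # :user is added by default
  end

  # Same allow-list filter as the default setter shown earlier. The size check
  # drops the empty string a multiple-select form submits alongside the choices.
  def roles=(v)
    @roles = v.map(&:to_sym).to_a.select { |r| r.size > 0 && ROLES.include?(r) }
  end
end

# Hypothetical helper: keep :roles in the submitted attributes only when the
# acting user is an admin, like a role-aware strong-parameters permit list.
def permitted_user_attrs(actor, submitted)
  keys = [:email]
  keys << :roles if actor.roles.include?(:admin)
  submitted.select { |k, _| keys.include?(k.to_sym) }
end

# Hypothetical update path: apply only the permitted attributes.
def update_user(actor, target, submitted)
  permitted_user_attrs(actor, submitted).each { |k, v| target.public_send("#{k}=", v) }
  target
end

if __FILE__ == $0
  member = User.new("member@example.test")   # constructed sample data
  update_user(member, member, { "email" => "new@example.test", "roles" => ["", "admin"] })
  puts member.roles.inspect                   # the submitted role is ignored
end
```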

Credits

PeterGate is written and maintained by Isaac Sloan and friends.

Contributing

  1. Fork it ( https://github.com/isaacsloan/petergate/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request
