kristianmandrup/cantango kristianmandrup/cantango

  • Stars
    star
    407
  • Rank 102,461 (Top 3 %)
  • Language
    Ruby
  • License
    MIT License
  • Created almost 13 years ago
  • Updated over 10 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
kristianmandrup/cantango
github

kristianmandrup

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

CanCan extension with role oriented permission management, rules caching and much more

CanTango

IMPORTANT

CanTango in its current form is no longer being maintained.
The current version is somewhat unstable and NOT production ready.

If you are interested in the general ideas and concepts behind this project and would like to use it or see the ideas
live on, you are encouraged to look at the attempt of divinding this project into smaller maintainable gems:

These gems all follow the cantango-xxxx convention.

Alternatively, you can look at the following Node.js project and perhaps port it to Ruby and whatever prog. environment
you are using. It sports a much better/simpler design (learning from the faults in the cantango design).

https://github.com/kristianmandrup/authorize-mw/

Good luck!

Intro

CanTango is an advanced Access Control (permissions) system for Rails 3. It:

  • extends CanCan and offers a more granular Object Oriented design
  • integrates with role and authentication systems in a non-intrusive manner
  • can cache ability rules between requests for increased performance
  • allows for context specific Permits with rules
  • supports multiple Devise users/accounts
  • can store static ability rules in a permission store for easy administration
  • manage the permission store from a web UI using the cantango_editor, a mountable Rails engine

A rewrite of Cantango can be found at CanTango permits

The Cantango rewrite currently lacks caching functionality and the permit_store is also incomplete.

The Cantango rewrite consists of a cantango-core and a set of individual gems with minimal inter-dependencies. Each of these gems have been designed in a test driven fashion with almost complete spec coverage so they should be much easier to develop in the future. The old Cantango got too bloated and big and became too hard to maintain in the end.

If you like this project, please give a hand or encouragement for me to finalize the new Cantango.

Will CanTango meet my Access Control requirements?

Installation

Ruby versions

CanTango has been tested to work with Ruby 1.9+ and currently doesn’t support Ruby 1.8.7
If you require ruby 1.8.7 support, please help patch it and make a pull request ;)

Install in current environment (or gemset)

gem install cantango

Install in application

Insert into Gemfile

gem 'cantango'

Run bundler in a terminal/console from the folder of your Gemfile (root folder of app)

$ bundle

Update Nov 24, 2011

Version 0.9.4.7 has been released.

  • Now enables configuration of role and role group systems directly:

Defaults:

You can override the defaults like this:

CanTango.config do |c|
  c.roles.role_system = :troles
end

Then CanTango should auto-configure to use the correct list methods of that system. You can even add your own role system with custom mappings. Here I tell CanTango that I’m using a system I call MyRoles and that the method added to role candidates (fx User) to return the list of roles, will be #list_of_roles and the method to check if he is in (or has) a specific role will be is_in_role?. Same goes for role groups, using role_groups.add_role_group_system.

CanTango.config do |c|
  c.roles.add_role_system :my_roles => {:list => :list_of_roles, :has => :is_in_role?}
end

The wiki has been rewritten and updated to reflect all latest design changes and feature additions.

I am now in the process of a major refactoring effort in the major-refactor branch.
I’ve split up cantango into separate gems which will be developed independently in the future (towards a 1.0 release), notably one gem for each engine. I might rename the “engine” concept into “component” so that developers don’t confuse it with Rails engines ;)

I might also extract the permission engine (currently known as user_ac). Lot’s of changes coming doewn the pipeline. Please help make CanTango much better and more stable! Thanks!

Quickstart

See the Quickstart guide in the wiki.

For devise integration, see Quickstart with Devise

The following scenarios demonstrate some of the problems CanTango can help solve in an elegant way

Generators

Cantango comes with a set of Generators to get your app dancing…
Simply start with:

  • cantango:install

To use the Permit generators please see the Generators page ;)

Rails 3 configuration

The CanTango Configuration consists of a nice DSL that let’s you configure most of the things we imagine you would want to customize. Feel free to suggest more configuration options!

Abilities via Permits and Permissions

Abilities are Access Control rules. With CanTango, the AC rules can be defined in both:

Note: For the simplest cases, you can define a #permit_rules instance method directly in CanTango::Ability

Abilities can be defined for the following conceptual entities:

  • User models
  • User Account models
  • Roles
  • Role groups
  • Users

You can even create your own Permit types to suit your own needs! This feature will be further improved in the upcoming 1.0 release.

Design overview

The default CanTango Ability pattern is simple.

1. Return cached ability rules for candidate if available (and cache is on)
2. Generate rules for candidate
3. Cache rules for candidate (if cache is on)

An ability candidate is typically either a user or an account instance.

Caching can be enabled or disabled. To generate the rules, one or more engines are executed.

CanTango comes with the following engines:

You can however freely plugin or unplug engines as you wish as described in Engines

Dependencies, Adapters and Loading

CanTango had been designed to be minimally intrusive and not require too many external dependencies.

If you want to enable Moneta for caching or storage, you must execute an adapter macro: CanTango.adapter :moneta

This will setup lazy-loading of Moneta cache and Moneta store respectively.
If you want to enable compilation of dynamic rules (using blocks) you must use the :compiler adapter

If you use any of these adapters, you must manually include the following in your Rails app Gemfile.

gem 'dkastner-moneta' for moneta adapter and gem 'sourcify' for the compiler adapter.

CanTango uses autoload_modules from the sweetloader gem.
This ensures that all such modules are lazy-loaded. Thus if you configure CanTango to exclude an engine, the code for that engine will never be loaded, minimizing the load time and memory print.

You need help?

Please post ideas, questions etc. in the cantango group on Google.

Bugs, issues or feature request/ideas?

If you encounter bugs, raise an issue or:

  • Fork the project.
  • Make your feature addition or bug fix.
  • Add tests for it. This is important so I don’t break it in a
    future version unintentionally.
  • Commit, do not mess with rakefile, version, or history.
    (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
  • Send me a pull request. Bonus points for topic branches.

Contributors

Copyright

Copyright © 2010 Kristian Mandrup. See LICENSE for details.

More Repositories

1

cream

Integrates Devise, Roles and CanCan with Permits for a Rails 3 app
Ruby
295
star
2

schema-to-yup

Schema to Yup validation
JavaScript
277
star
3

masonry-rails

JQuery Masonry plugin ready for use with Rails asset pipeline
HTML
235
star
4

datascript-tutorial

Datascript and Datomic tutorial book
206
star
5

mongoid-geo

Geo-spatial extension for Mongoid 2
Ruby
120
star
6

haversine

Calculates the haversine distance between two locations using longitude and latitude
Ruby
89
star
7

vue2-dragula-demo

Vue2 demo app for vue-dragula plugin
JavaScript
78
star
8

gmaps-autocomplete-rails

Google Maps v3 search with jQuery UI Autocomplete, ready for use with Rails asset pipeline
Ruby
73
star
9

geo_magic

Location from IP, geocoding, distance calculation, and geo/map utilities
Ruby
69
star
10

acts_as_list_mongoid

Make your Mongoid model acts as a list
Ruby
64
star
11

roles_generic

Generic role model strategies sharing same API easy to insert in any model
Ruby
59
star
12

rails-gallery

Popular javascript photo gallery and carousel components ready for use with Rails 3 and above :)
Ruby
53
star
13

geo-distance

Calculates the geo distance between two locations using longitude and latitude, using Haversine, Speherical or Vincenty formula
Ruby
52
star
14

ui_datepicker-rails3

jQuery UI datepicker integration for Formtastic, Simple Form and Active Admin
Ruby
50
star
15

world-flags

Use world flag sprites in your Rails 3 app
HTML
48
star
16

mm-devise

Mongo Mapper integration for Devise framework
Ruby
47
star
17

amazing-aurelia-book

Book on how to write advanced, high powered apps with the Aurelia framework.
41
star
18

troles

Roles for Rails 3
Ruby
41
star
19

json-schema-to-es-mapping

Convert JSON Schema to Elastic Search mapping schema
JavaScript
38
star
20

generator-aurelia-ts

Turbo Start generator for Aurelia apps
JavaScript
31
star
21

roles_mongoid

Roles for mongoid using the Roles generic API from roles_generic
Ruby
29
star
22

emberjs-plugin

EmberJS plugin for Intellij IDEA and Webstorm IDE
Java
28
star
23

sugar-high

More Ruby sugar - inspired by the 'zuker' project
Ruby
26
star
24

ember-konacha-rails

Generate Konacha spec infrastructure for your Ember-Rails apps
Ruby
24
star
25

papertrail_mongoid

Papertrail for mongoid
Ruby
23
star
26

cancan-permits

Role specific Permits for use with CanCan permission system
Ruby
21
star
27

auth-assistant

Assistance for configuring and use of devise and cancan in combination
Ruby
20
star
28

vue-framer

Bridging the final gap of the design to app workflow, making a Framer app work with Vue
JavaScript
20
star
29

roles_active_record

Roles for Active Record implementing the Roles generic API
Ruby
18
star
30

slush-reframe

Reframe generator for base application and main artifacts such as domain models
JavaScript
17
star
31

jquery-ui-bootstrap-rails

jQuery UI Bootstrap for Rails asset pipeline
Ruby
17
star
32

bootstrap-addons-rails

Twitter Bootstrap addons: Color- and Datepicker, Image gallery, ready for use with Rails asset pipeline
Ruby
17
star
33

mongoid_embedded_helper

Facilitates performing queries on collections in embedded Mongoid documents
Ruby
16
star
34

mongo_rails3_gen

Mongo DB rails 3 generators to setup use of Mongo DB and create Mongo DB compatible models in Rails 3
Ruby
16
star
35

aurelia-rethink-bindtable

Aurelia bind table integration for RethinkDB via Socket.io
JavaScript
16
star
36

rails3-templates

Rails 3 templates for rapid creation of Rails 3 applications
Ruby
15
star
37

cantango-permits

Permits and Permit engine for CanTango
Ruby
15
star
38

bs-xstate

Bucklescript bindings for XState state machine
OCaml
15
star
39

world-flag-packs

World Flag image packs for use on the web or with the world-flags rails gem
15
star
40

json-schema-to-graphql-types-decorated

Convert JSON schema to GraphQL types (string) including GraphQL transforms/directives
JavaScript
14
star
41

very_nifty_generators

Rails 3 very nifty generators using very DRY conventions
Ruby
14
star
42

geo_calc

Geo calculations in ruby and javascript
Ruby
14
star
43

ember-pusher

A nice little Ember - Pusher integration library
Ruby
14
star
44

vue2-apollo-scaphold

Vue2 Apollo Scaphold.io starter app
Vue
13
star
45

gun-edge

API helpers for Gun.js
JavaScript
13
star
46

pie-rails

Progressive Internet Explorer (PIE) ready for use with Rails asset pipeline
Ruby
13
star
47

react-16.nim

React 16.x bindings for Nim 1.0 with example app (WIP)
Nim
13
star
48

timespan

Use TimeSpans in ruby
Ruby
13
star
49

cartling

Shopping Cart system for Node.js using Keystone and MongoDB by default
JavaScript
12
star
50

ember-beercan

Authorization a-la cancan style for Ember with some Authentication magic added for good measure ;)
Ruby
12
star
51

convert-json-schema-to-mongoose

Convert JSON schema to mongoose 5 schema
JavaScript
12
star
52

prawn_html

A prawn library to assist in converting html to pdf using prawn for pdf rendering
Ruby
11
star
53

cream-app-active_record

Cream demo app for Rails 3 with ActiveRecord
Ruby
11
star
54

react-mxgraph-typescript-starter

React 16 mxgraph-js and typescript starter template based on create-react-app
TypeScript
11
star
55

cypher-query

Javascript Cypher query engine for graphs such as graphology and gun
TypeScript
11
star
56

cantango-demo

Cantango Rails 3 demo app with devise integration
Ruby
11
star
57

Prawn-assist

Helper functions to parse HTML and create output to assist rendering PDF using prawn (or some other renderer)
Ruby
11
star
58

semantic-sass-bootstrap

Semantic SASS wrapper for Twitter Bootstrap
Ruby
11
star
59

chain-gun

Gun.js chain API extensions
JavaScript
10
star
60

mongoid_adjust

Adds simple adjust! method to Mongoid - in the near future it should use the built-in Mongo DB functionality
Ruby
10
star
61

FirebaseUI

FirebaseUI wrapped for use with React Native (iOS only)
Objective-C
9
star
62

acts_as_tree_rails3

The old acts_as_tree updated and converted into a gem for rails 3
Ruby
9
star
63

mongoid-serializer

Add some sane controller serialization support for your Mongoid 3+ models
Ruby
9
star
64

permit-authorize

Authorization library for Javascript and NodeJS using permits and user abilities
LiveScript
9
star
65

cancan-rest-links

Rest link helpers for CanCan
Ruby
9
star
66

ember-config

Yeoman generator for ember-cli to facilitate configuring an Ember app with various asset compilers, components, layout frameworks etc.
JavaScript
9
star
67

money-mongoid

Standalone Mongoid support and integration for the Money gem
Ruby
9
star
68

ruby_traverser_dsl

A ruby code traverser DSL for finding and traversing ruby code as an object model using a nice DSL - uses ripper2ruby
Ruby
9
star
69

rspec-action_view

RSpec addon to simplify creating specs for Rails 3 ActionView extensions
Ruby
8
star
70

cream-app-mongoid

Cream 7.7 demonstration app
Ruby
8
star
71

awd-rails-4th-depot-app

Agile web development with Rails 4th edition - Depot application
Ruby
8
star
72

authorize-mw

Authorization middleware for Node.js and Javascript platform in general (with a little twist)
LiveScript
8
star
73

cancan-permits-demo

Demo of how to use cancan-permits in a Rails 3 app
Ruby
8
star
74

ember-easyform-cli

Experimental fork of ember-easyForm to wrap it as an Ember CLI addon for easy installation
JavaScript
8
star
75

typescript-ast-processor

Process a TypeScript AST using visitors, collectors and instrumentation
TypeScript
7
star
76

red-elements

Node-red UI components as native custom elements
TypeScript
7
star
77

sweetloader

Sweetens up your autoloading of classes and modules
Ruby
7
star
78

ember-factories

Simple Factory library for use with Ember.js
Ruby
7
star
79

geokit-rails3-mongoid

Geokit for Rails 3 using Mongoid
Ruby
7
star
80

facebook-social_plugins

Facebook HTML5 style social plugins for Rails 3
Ruby
7
star
81

ember-cli-emberscript

Adds precompilation of EmberScript files and all the basic generation types to the ember generate command.
JavaScript
7
star
82

rubyproject

A Thor based generator for generating a skeleton Ruby project with Rspec and Cucumber on by default
Ruby
7
star
83

json-schema-model-builder

Infrastructure components to easily process JSON schema and build models from it
JavaScript
7
star
84

semantic-ui-page-layouts

Semantic UI page layouts for common scenarios
HTML
6
star
85

log4r-color

log4r now with color outputs to terminal/console
Ruby
6
star
86

credit_card_icons

Credit card icons for Rails 3 as an engine, using CSS sprites with icons in various sizes and shapes
Ruby
6
star
87

easy_as_pie

Rails asset wrapper for jQuery easy-pie-chart
Ruby
6
star
88

rspec-book-movie-app

The RSpec book movie app implemented for Rails 3 and Rspec 2 with Capybara
Ruby
6
star
89

water-gun

Gun.js API extensions for working with Observables/Streams and CSP channels
JavaScript
6
star
90

rspec-book-views-example

RSpec book views example for RSpec 2.beta11 with Rails 3.b3 and Capybara
Ruby
6
star
91

netzke_widget_generators

Rails 3 generators to quickly generate skeletons for custom Netzke widgets
Ruby
6
star
92

future-gun

Gun.js extensions for Promise and async/await based flow control
JavaScript
6
star
93

concerned

Concerns for Rails
Ruby
5
star
94

cantango-core

The core functionality of CanTango
Ruby
5
star
95

ember-bootstrap-rails

Add ember-bootstrap to your Rails 3.1+ Assets pipeline
JavaScript
5
star
96

koa-marko-example

Convenient Koa.js server setup for rendering pages of a multi page application
JavaScript
5
star
97

ember-big_project

Create a sensible and extensible Ember project structure for big projects ;)
Ruby
5
star
98

aurelia-definitely-typed

Aurelia definition files for registration with TypeScript Definitely Typed registry for use with tsd package manager
TypeScript
5
star
99

geo_point

A GeoPoint encapsulates latitude, longitude and various geo calculations relative to itself
Ruby
5
star
100

qiankun-demo

Qiankun demo app - single-spa Micro Front End (MFE) application
JavaScript
5
star