kristianmandrup/cream kristianmandrup/cream

  • Stars
    star
    295
  • Rank 135,847 (Top 3 %)
  • Language
    Ruby
  • License
    MIT License
  • Created over 13 years ago
  • Updated over 12 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
kristianmandrup/cream
github

kristianmandrup

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Integrates Devise, Roles and CanCan with Permits for a Rails 3 app

Cream

August 9, 2011 – Announcement!

During the past few months, @kristianmandrup and @stanislaw have been working hard to come up with a replacement for cream, redesigning the core components from the ground up, with a full spec suite, dummy apps for integration testing etc.

The fruits are now ready to be harvested! Today we announce the Release Candidate
of CanTango

The gem (with Rails 3 engine) will be released later today when we have the wiki and README in place ;)

Also join the CanTango discussion group

We hope you will enjoy it and join in the effort to create a super ACM system for Rails 3 :)

Cheers!

PS: This also means that cream will no longer be maintained. All efforts are now on CanTango. Please migrate from cream to CanTango.
A migration guide will be available on the wiki soon.

Intro

This project aims to assist in setting up a Rails 3 app with an integrated Authentication and Authorization solution for your ORM of choice.

Execute the full_config generator with arguments specifying:

  • The User types in the application (for Authentication, route Authorization and User data)
  • The User roles in the app (for fine-grained Authorization)
  • The main Role strategy to use (allow single or multiple roles for each user)
  • ORM to use (Relational and Document based datastores are supported – see below)

The cream generator will apply all its “magic” to your app so you can implement your permission business logic using intuitive APIs.

Cream targets smooth integration of the following main systems:

  • Devise – Users and Authentication
  • CanCan – Authorization of users
  • Roles – Roles and role groups for authorization

Cream comes with a suite of specialized generators that aim to facilitate configuration of your Rails 3 app with these systems. For details on how to use these generators, please see the documentation for the individual gem.

Status update (June 22, 2011)

During most of May and June (2011), the cream gem has been broken due to an update of the gem ‘sugar-high’, which the generators depend on for file operations via the ‘file_mutate’ pack. The latest release of sugar-high, version ‘0.4.6.4’ should now ensure that the file_mutate pack is backwards compatible so that this should no longer cause an error.

I am currently working on a new framework ‘dancing tango with troles’ taking what I’ve learned so far and providing a far better solution which incorporates use of multiple user accounts for a given user and thus that a user can be logged into multiple applications simultaneously in different roles!

Please help out on this project if you find it useful! Thanks!

Status update (June 12, 2011)

Please check out the rails_3_1 branch. I’ve just added support for the File.mutat_ext :all macro available from the gem sugar-high

Cream might currently have a few gotchas to get it working (not tested since mid May). For the roles part you can substitute roles_generic with the new gem troles, which has a much cleaner design and also supports role groups. Cream will be redesigned and rebranded
as Dancing over the summer, and will support Rails 3.1. Stay tuned. You are as always most welcome to assist in the project :)

Installation and configuration

The cream gem has been designed for Rails 3 and Ruby 1.9 only.

Installing Cream

Insert 

gem ‘cream’
in your Rails 3 Gemfile
$ bundle install

ORMs supported

Relational Databases:

  • Active Record
  • Data Mapper

Document stores:

  • Mongo Mapper
  • Mongoid
  • Couch DB

Note: Couch DB support will soon be migrated to use CouchRest

More info

For more information:

Please let me know of other areas that you think should be covered in the Wiki or on page.
One or more tutorials with demo applications are planned for the near future.

How to start with Cream

Cream integrates so many moving parts that running the full generator to generate all the bells and whistles and start playing around might be overwhelming for most.
I therefore recommend that you start out by experimenting with the main parts and get a feel for how to design the users/roles/permits parts of your application.

1) Devise user with Roles
2) Cancan permits
3) User types

First I would generate a single Devise user and then run Roles for the ORM you are using. Then play around with the Roles API to get a feel for it.
Later You can run the cancan-permits generator and play around with permissions, using permits and licenses to get a feel for this API and how it plays with the roles.

Then think about which user types you need. User types are distinct types of users that might have individual data needs (separate table or schema), individual registration pages or different administration rules (devise strategies such as email confirmation etc.)

Then decide which roles should be available for each user type_, that is what kind of usertype each role makes sense for. You might also decide to group multiple roles into role groups.

Scenario example

Roles: super admin, forum admin, guest user, normal user, content publisher

In this scenario it would make sense to have these User types: User, Guest, Admin

The user types should make roles available as follows:

  • Guest: guest
  • User: normal, content_publisher
  • Admin: super_admin, forum_admin

This is done via the method valid_roles_are (see the Roles API).

Rails 3 demo apps with Cream

The following Rails 3 demo apps use Cream 0.7.7 and above and were created around Dec 1. 2010

You are most welcome to publish your own demo app with a later version of Cream. These apps need to be updated and demonstrate the real functionality of using the various APIs and DSLs that come with Cream and its supporting libs ;)

I plan to release new demo apps for the 0.9 version of Cream in May, 2011

Sub systems of Cream

  • Devise
  • Cancan
  • Roles
  • Permits

Authentication

Cream targets Devise as the Authentication system of choice

See Devise Configuration options for more details on configuring your devise User models.

The project devise links adds more convenience for creating view links to trigger Devise session actions.

Authorization

Cream supports CanCan as the Authorization system.
The project Cancan permits adds the concept of Permits for each role.

Roles

The Roles system is based on Roles Generic, a generic Roles API implementation where parts are overriden by Roles implementations for specific ORMs.

The Roles Generic API has been implemented for the following ORMs

Any role system can be substituted as long as you have a method #has_role? on the user which returns true or false given a string or symbol that identifies the role.

You can also use Role groups to group multiple roles into a group and query if a user has any of the roles in the group.

Permits

A Permit lets a user in a given role do certain actions as defined in the Permit.
A Permit can also reuse permission logic in the form of Licenses for a more fine grained design if needed.

CanCan Permits comes with generators to generate Permit files which are placed in ‘/app/permits’. You can then edit the Permits to suit your needs.

The project CanCan REST links provides a convenient way to handle CanCan REST links, using a flexible API.

Check out Cancan permits for more info for how to use Permits.

Cancan permits support all the ORMs that both Devise and Roles support.

Licenses

For more advanced authorization scenarios you can create reusable permission logic in license classed that are placed in ‘/app/licenses/’. A License can be reused in multiple Permits.

See CanCan permits demo app for an example of how to use cancan-permits and licenses.

Permits Editor

I have recently created a Permits editor application that demonstrates how you can let the user edit the Permits, Licenses and even individual User permissions directly as part of an admin section of the web app.

The Permits editor updates yaml files that are now part of the cancan-permits infrastructure (if present and registered).
I plan to refactor the Permits Editor into a mountable app when I have the time.

Generators

Please see Cream generators overview for more details on generators including objectives and what each generator aims to produce (update your app with).

The following generators are currently available with Cream:

Main app generator:

  • cream:full_config – Configure Rails 3 application with Cream (master generator)

Individual configuration generators:

The following generators can all be used individually.

Devise (authentication)

  • devise:config – Configure Rails 3 application with Devise
  • devise:users – Configure Rails 3 application with Devise users
  • devise:customize – Customize devise configuration

Authorization incl. roles

  • cancan:config – Configures app with CanCan
  • permits:config – Configures app with CanCan Permits
  • roles:config – Configures app with Roles

Other generators:

  • cancan:restlinks – Create REST links locale file
  • devise:links – Create devise links locale file (should I rename this to authlinks?)
  • cream:views – Generates partials for menu items

All the above generators have specs included in cream that demonstrate how to use them and should verify that they work as expected.

The cream:full_config generator should call all the sub-generators in succession to fully configure the Rails 3 app according to your preferences.

Full Config Generator

Example:

rails g cream:full_config --strategy admin_flag --orm AR

By default creates :guest and :admin User types.

Sub generators

To view the run options of any of the sub generators, simply type $ rails g [GENERATOR_NAME]

Example: rails g permits:config

Cream Views Generator

Moves ‘user menu’ view partials into app/views/cream

rails g cream:views [scope] [--haml]

  • (scope) : The scope/namespace folder under views to copy the partials to, ‘cream’ is the default scope (namespace)
  • (haml) : Use HAML as template language (default is erb)

The views generator is based on a similar generator from the devise project. The Views generator and partials have been updated (Jan 6, 2011).
The partials generated are useful for creating menu items for login/logout and registration.
The links are automatically displayed or hidden depending on the current state of the user.

Inspiration and Ideas

Tony Amoyal has written a two part series (Part I, Part II) on how to setup a fully integrated Devise/CanCan solution with Roles. You might want to take a look at this for further customization needs. It might also provide food for thought for suggestions on improvements to the Cream framework ;) I have started work on a devise:customize generator to facilitate some of these customization needs…

Currently there is support for seting up a Guest user and and option to use both username and password as valid credentials.

The magic behind the curtain

Cream leverages an extensive Tool suite that I have created specifically to make it much easier/faster to create gems and generators for Rails 3 and spec/test them with RSpec 2, using more natural DSLs and APIs.
If you look into the Cream code you can see extensive usage of this.

The path towards 1.0

Since cream version 0.9.2, the project should be pretty stable again. I plan to release a 1.0 release of Cream and all gems it uses when I have checked that they all work as they should with the latest versions of Rails, Devise and CanCan. The 1.0 version will also come with a full step-by-step tutorial for both a simple case (1 user type where each user can have only 1 role) and a more advanced scenario (multiple user types where some users can have multiple roles).

Cream 2 will be a total redesign/refactoring using what I have learned and will be inspired by Jose Valim’s book Crafting Rails Applications.
I will create a new project using enginex, complete with one or more dummy apllications and take it from there. Sadly I will likely not have time for this until April 2011, so if anyone has the time and energy, please help me in this effort!

Cream edge, debugging and how to assist in developing the framework

Cream edge (directly from trunk or a feature branch), might have some extra goodies you could be interested in. To help develop Cream or use the edge version, just do:

gem 'cream', :git => 'https://github.com/kristianmandrup/cream.git'

There is also a :branch option to use a specific branch, fx a feature branch.

If you want to develop on Cream: git clone https://github.com/kristianmandrup/cream.git

Optionally switch to particular branch in your local cloned repo: git checkout [feature branch]

Then in your app, tell it to use your local version using the :path option:

gem 'cream', :path => 'path to your cloned cream'

And you’ll be ready to experiment, debug and add features from there :)

Note on Patches/Pull Requests

  • Fork the project.
  • Make your feature addition or bug fix.
  • Add tests for it. This is important so I don’t break it in a
    future version unintentionally.
  • Commit, do not mess with rakefile, version, or history.
    (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
  • Send me a pull request. Bonus points for topic branches.

Copyright

Copyright © 2010 Kristian Mandrup. See LICENSE for details.

More Repositories

1

cantango

CanCan extension with role oriented permission management, rules caching and much more
Ruby
407
star
2

schema-to-yup

Schema to Yup validation
JavaScript
277
star
3

masonry-rails

JQuery Masonry plugin ready for use with Rails asset pipeline
HTML
235
star
4

datascript-tutorial

Datascript and Datomic tutorial book
206
star
5

mongoid-geo

Geo-spatial extension for Mongoid 2
Ruby
120
star
6

haversine

Calculates the haversine distance between two locations using longitude and latitude
Ruby
89
star
7

vue2-dragula-demo

Vue2 demo app for vue-dragula plugin
JavaScript
78
star
8

gmaps-autocomplete-rails

Google Maps v3 search with jQuery UI Autocomplete, ready for use with Rails asset pipeline
Ruby
73
star
9

geo_magic

Location from IP, geocoding, distance calculation, and geo/map utilities
Ruby
69
star
10

acts_as_list_mongoid

Make your Mongoid model acts as a list
Ruby
64
star
11

roles_generic

Generic role model strategies sharing same API easy to insert in any model
Ruby
59
star
12

rails-gallery

Popular javascript photo gallery and carousel components ready for use with Rails 3 and above :)
Ruby
53
star
13

geo-distance

Calculates the geo distance between two locations using longitude and latitude, using Haversine, Speherical or Vincenty formula
Ruby
52
star
14

ui_datepicker-rails3

jQuery UI datepicker integration for Formtastic, Simple Form and Active Admin
Ruby
50
star
15

world-flags

Use world flag sprites in your Rails 3 app
HTML
48
star
16

mm-devise

Mongo Mapper integration for Devise framework
Ruby
47
star
17

amazing-aurelia-book

Book on how to write advanced, high powered apps with the Aurelia framework.
41
star
18

troles

Roles for Rails 3
Ruby
41
star
19

json-schema-to-es-mapping

Convert JSON Schema to Elastic Search mapping schema
JavaScript
38
star
20

generator-aurelia-ts

Turbo Start generator for Aurelia apps
JavaScript
31
star
21

roles_mongoid

Roles for mongoid using the Roles generic API from roles_generic
Ruby
29
star
22

emberjs-plugin

EmberJS plugin for Intellij IDEA and Webstorm IDE
Java
28
star
23

sugar-high

More Ruby sugar - inspired by the 'zuker' project
Ruby
26
star
24

ember-konacha-rails

Generate Konacha spec infrastructure for your Ember-Rails apps
Ruby
24
star
25

papertrail_mongoid

Papertrail for mongoid
Ruby
23
star
26

cancan-permits

Role specific Permits for use with CanCan permission system
Ruby
21
star
27

auth-assistant

Assistance for configuring and use of devise and cancan in combination
Ruby
20
star
28

vue-framer

Bridging the final gap of the design to app workflow, making a Framer app work with Vue
JavaScript
20
star
29

roles_active_record

Roles for Active Record implementing the Roles generic API
Ruby
18
star
30

slush-reframe

Reframe generator for base application and main artifacts such as domain models
JavaScript
17
star
31

jquery-ui-bootstrap-rails

jQuery UI Bootstrap for Rails asset pipeline
Ruby
17
star
32

bootstrap-addons-rails

Twitter Bootstrap addons: Color- and Datepicker, Image gallery, ready for use with Rails asset pipeline
Ruby
17
star
33

mongoid_embedded_helper

Facilitates performing queries on collections in embedded Mongoid documents
Ruby
16
star
34

mongo_rails3_gen

Mongo DB rails 3 generators to setup use of Mongo DB and create Mongo DB compatible models in Rails 3
Ruby
16
star
35

aurelia-rethink-bindtable

Aurelia bind table integration for RethinkDB via Socket.io
JavaScript
16
star
36

rails3-templates

Rails 3 templates for rapid creation of Rails 3 applications
Ruby
15
star
37

cantango-permits

Permits and Permit engine for CanTango
Ruby
15
star
38

bs-xstate

Bucklescript bindings for XState state machine
OCaml
15
star
39

world-flag-packs

World Flag image packs for use on the web or with the world-flags rails gem
15
star
40

json-schema-to-graphql-types-decorated

Convert JSON schema to GraphQL types (string) including GraphQL transforms/directives
JavaScript
14
star
41

very_nifty_generators

Rails 3 very nifty generators using very DRY conventions
Ruby
14
star
42

geo_calc

Geo calculations in ruby and javascript
Ruby
14
star
43

ember-pusher

A nice little Ember - Pusher integration library
Ruby
14
star
44

vue2-apollo-scaphold

Vue2 Apollo Scaphold.io starter app
Vue
13
star
45

gun-edge

API helpers for Gun.js
JavaScript
13
star
46

pie-rails

Progressive Internet Explorer (PIE) ready for use with Rails asset pipeline
Ruby
13
star
47

react-16.nim

React 16.x bindings for Nim 1.0 with example app (WIP)
Nim
13
star
48

timespan

Use TimeSpans in ruby
Ruby
13
star
49

cartling

Shopping Cart system for Node.js using Keystone and MongoDB by default
JavaScript
12
star
50

ember-beercan

Authorization a-la cancan style for Ember with some Authentication magic added for good measure ;)
Ruby
12
star
51

convert-json-schema-to-mongoose

Convert JSON schema to mongoose 5 schema
JavaScript
12
star
52

prawn_html

A prawn library to assist in converting html to pdf using prawn for pdf rendering
Ruby
11
star
53

cream-app-active_record

Cream demo app for Rails 3 with ActiveRecord
Ruby
11
star
54

react-mxgraph-typescript-starter

React 16 mxgraph-js and typescript starter template based on create-react-app
TypeScript
11
star
55

cypher-query

Javascript Cypher query engine for graphs such as graphology and gun
TypeScript
11
star
56

cantango-demo

Cantango Rails 3 demo app with devise integration
Ruby
11
star
57

Prawn-assist

Helper functions to parse HTML and create output to assist rendering PDF using prawn (or some other renderer)
Ruby
11
star
58

semantic-sass-bootstrap

Semantic SASS wrapper for Twitter Bootstrap
Ruby
11
star
59

chain-gun

Gun.js chain API extensions
JavaScript
10
star
60

mongoid_adjust

Adds simple adjust! method to Mongoid - in the near future it should use the built-in Mongo DB functionality
Ruby
10
star
61

FirebaseUI

FirebaseUI wrapped for use with React Native (iOS only)
Objective-C
9
star
62

acts_as_tree_rails3

The old acts_as_tree updated and converted into a gem for rails 3
Ruby
9
star
63

mongoid-serializer

Add some sane controller serialization support for your Mongoid 3+ models
Ruby
9
star
64

permit-authorize

Authorization library for Javascript and NodeJS using permits and user abilities
LiveScript
9
star
65

cancan-rest-links

Rest link helpers for CanCan
Ruby
9
star
66

ember-config

Yeoman generator for ember-cli to facilitate configuring an Ember app with various asset compilers, components, layout frameworks etc.
JavaScript
9
star
67

money-mongoid

Standalone Mongoid support and integration for the Money gem
Ruby
9
star
68

ruby_traverser_dsl

A ruby code traverser DSL for finding and traversing ruby code as an object model using a nice DSL - uses ripper2ruby
Ruby
9
star
69

rspec-action_view

RSpec addon to simplify creating specs for Rails 3 ActionView extensions
Ruby
8
star
70

cream-app-mongoid

Cream 7.7 demonstration app
Ruby
8
star
71

awd-rails-4th-depot-app

Agile web development with Rails 4th edition - Depot application
Ruby
8
star
72

authorize-mw

Authorization middleware for Node.js and Javascript platform in general (with a little twist)
LiveScript
8
star
73

cancan-permits-demo

Demo of how to use cancan-permits in a Rails 3 app
Ruby
8
star
74

ember-easyform-cli

Experimental fork of ember-easyForm to wrap it as an Ember CLI addon for easy installation
JavaScript
8
star
75

typescript-ast-processor

Process a TypeScript AST using visitors, collectors and instrumentation
TypeScript
7
star
76

red-elements

Node-red UI components as native custom elements
TypeScript
7
star
77

sweetloader

Sweetens up your autoloading of classes and modules
Ruby
7
star
78

ember-factories

Simple Factory library for use with Ember.js
Ruby
7
star
79

geokit-rails3-mongoid

Geokit for Rails 3 using Mongoid
Ruby
7
star
80

facebook-social_plugins

Facebook HTML5 style social plugins for Rails 3
Ruby
7
star
81

ember-cli-emberscript

Adds precompilation of EmberScript files and all the basic generation types to the ember generate command.
JavaScript
7
star
82

rubyproject

A Thor based generator for generating a skeleton Ruby project with Rspec and Cucumber on by default
Ruby
7
star
83

json-schema-model-builder

Infrastructure components to easily process JSON schema and build models from it
JavaScript
7
star
84

semantic-ui-page-layouts

Semantic UI page layouts for common scenarios
HTML
6
star
85

log4r-color

log4r now with color outputs to terminal/console
Ruby
6
star
86

credit_card_icons

Credit card icons for Rails 3 as an engine, using CSS sprites with icons in various sizes and shapes
Ruby
6
star
87

easy_as_pie

Rails asset wrapper for jQuery easy-pie-chart
Ruby
6
star
88

rspec-book-movie-app

The RSpec book movie app implemented for Rails 3 and Rspec 2 with Capybara
Ruby
6
star
89

water-gun

Gun.js API extensions for working with Observables/Streams and CSP channels
JavaScript
6
star
90

rspec-book-views-example

RSpec book views example for RSpec 2.beta11 with Rails 3.b3 and Capybara
Ruby
6
star
91

netzke_widget_generators

Rails 3 generators to quickly generate skeletons for custom Netzke widgets
Ruby
6
star
92

future-gun

Gun.js extensions for Promise and async/await based flow control
JavaScript
6
star
93

concerned

Concerns for Rails
Ruby
5
star
94

cantango-core

The core functionality of CanTango
Ruby
5
star
95

ember-bootstrap-rails

Add ember-bootstrap to your Rails 3.1+ Assets pipeline
JavaScript
5
star
96

koa-marko-example

Convenient Koa.js server setup for rendering pages of a multi page application
JavaScript
5
star
97

ember-big_project

Create a sensible and extensible Ember project structure for big projects ;)
Ruby
5
star
98

aurelia-definitely-typed

Aurelia definition files for registration with TypeScript Definitely Typed registry for use with tsd package manager
TypeScript
5
star
99

geo_point

A GeoPoint encapsulates latitude, longitude and various geo calculations relative to itself
Ruby
5
star
100

qiankun-demo

Qiankun demo app - single-spa Micro Front End (MFE) application
JavaScript
5
star