{"id":30696634,"url":"https://github.com/adamliesko/righter","last_synced_at":"2025-09-02T08:44:25.103Z","repository":{"id":56892262,"uuid":"42353068","full_name":"adamliesko/righter","owner":"adamliesko","description":"Rails role based security authorization engine for your user models and resources","archived":false,"fork":false,"pushed_at":"2020-01-23T22:25:49.000Z","size":55,"stargazers_count":1,"open_issues_count":5,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-28T08:16:20.397Z","etag":null,"topics":["authorization","cancancan","role-based-access-control"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adamliesko.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-09-12T10:23:41.000Z","updated_at":"2017-10-23T18:50:55.000Z","dependencies_parsed_at":"2022-08-20T16:10:22.978Z","dependency_job_id":null,"html_url":"https://github.com/adamliesko/righter","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/adamliesko/righter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamliesko%2Frighter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamliesko%2Frighter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamliesko%2Frighter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamliesko%2Frighter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adamliesko","download_url":"https://codeload.github.com/adamliesko
/righter/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamliesko%2Frighter/sbom","scorecard":{"id":165351,"data":{"date":"2025-08-11","repo":{"name":"github.com/adamliesko/righter","commit":"92d7b9a0b00aab72b712a2d0eb52fc40792f7ede"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 1/11 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, 
easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases 
found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 1 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"103 existing vulnerabilities detected","details":[],"documentation":{"short":"Determines if the project has open, known unfixed 
vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T14:39:30.994Z","repository_id":56892262,"created_at":"2025-08-16T14:39:30.994Z","updated_at":"2025-08-16T14:39:30.994Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273257786,"owners_count":25073531,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-02T02:00:09.530Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authorization","cancancan","role-based-access-control"],"created_at":"2025-09-02T08:44:20.775Z","updated_at":"2025-09-02T08:44:25.048Z","avatar_url":"https://github.com/adamliesko.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Righter\n[![Gem Version](https://badge.fury.io/rb/righter.svg)](http://badge.fury.io/rb/righter)\n[![Build Status](https://travis-ci.org/adamliesko/righter.svg)](https://travis-ci.org/adamliesko/righter)\n[![Coverage Status](https://coveralls.io/repos/adamliesko/righter/badge.svg?branch=master\u0026service=github)](https://coveralls.io/github/adamliesko/righter?branch=master)\n[![Codeclimate](https://d3s6mut3hikguw.cloudfront.net/github/adamliesko/righter/badges/gpa.svg)](https://d3s6mut3hikguw.cloudfront.net/github/adamliesko/righter/badges/gpa.svg)\n[![CI 
Docs](https://inch-ci.org/github/adamliesko/righter.svg?branch=master)](https://inch-ci.org/github/adamliesko/righter.svg?branch=master)\n[![Join the chat at https://gitter.im/adamliesko/righter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/adamliesko/righter?utm_source=badge\u0026utm_medium=badge\u0026utm_campaign=pr-badge\u0026utm_content=badge)\n\nRighter is a Ruby on Rails security engine based on `Roles`, `Resources` and `User` models. You can think of it as an authorization engine that provides features somewhat similar to [Pundit](https://github.com/elabs/pundit) and [cancancan](https://github.com/CanCanCommunity/cancancan), albeit from a very different viewpoint. The difference is that Righter allows you to define those rights on the database level and tie them to your User model (which can in fact be any model). With Righter you can restrict and control access on the `resource_class` level or the `resource_id` level, as you will see in the examples. Currently, in version `0.0.1`, only `ActiveRecord` is supported. \n\n## Installation\nIn **Rails 4 and 5**, add this to your Gemfile and run the `bundle install` command.\n```ruby\n    gem 'righter', '~\u003e 0.0.1'\n```\n  \n## Getting Started\nRighter brings two important models into the game: `RighterRole` and `RighterRight`. The third one, with which roles and rights are associated, is your (abstract) `User` model, which you can specify to be, for example, `Subscriber` or `Player`.\n\n### User\nRighter expects your user model to define a `.current_user` method that represents the current user interacting with the application, whether for rights and role management or in any other case. As mentioned previously, you can safely use any other of your models to act as a `User` in Righter. 
By including `RighterForUser` you enable Righter to provide the relation with roles and the whole rights management.\n\n```ruby\nclass User \u003c ActiveRecord::Base\n  include RighterForUser\n  cattr_accessor :current_user\nend\n```\nMost probably you would like to add or remove roles and check whether a `User` has the right to perform a concrete action on a certain `Resource`. For these use cases Righter provides the `add_role`, `remove_role` and `can?` methods.\n\n\n### Controller\nThe general idea behind the controller addition is to include it directly in your `ApplicationController`, hence the name of the module, `RighterForApplicationController`. \n```ruby\nclass ApplicationController \u003c ActionController::Base\n  # Prevent CSRF attacks by raising an exception.\n  # For APIs, you may want to use :null_session instead.\n  protect_from_forgery with: :exception\n  include RighterForApplicationController\nend\n```\n\nThis controller addition brings two useful methods, `enforce_righter` and `enforce_resource_security`. `enforce_righter` is implemented as a `before_filter`/`before_action` method, which automatically checks whether a given `User` can access the concrete controller `action`. There are situations in which you would probably prefer to skip this filter, e.g. an unsigned user, a public page, etc. 
What needs a closer look from you as a developer is the `enforce_resource_security` method, which acts like `load_and_authorize_resource` in [cancancan](https://github.com/CanCanCommunity/cancancan).\n\n```ruby\nclass SongsController \u003c ApplicationController\n  def show\n    @song = Song.find(params[:id])\n  end\n\n  def play\n    @song = Song.find(params[:id])\n    enforce_resource_security(:play, @song)\n    render :play\n  end\n\n  def promote\n    @song = Song.find(params[:id])\n    enforce_resource_security(:promote, @song)\n    render :promote\n  end\nend\n```\n\n\n### Resource\nIn your Resource models you have to include the `RighterForResource` module.\n```ruby\nclass Song \u003c ActiveRecord::Base\n  include RighterForResource\nend\n```\nTo enable the convenient automatic management of rights, use the `auto_manage_righter_right` method with the right's name. By default, the right is created and destroyed automatically for each of your `RighterRoles` on the respective occasions. With the `auto_associate_roles` option you can specify an array of names of your `RighterRoles` for which you want to enable the `auto_manage_righter_right` method.\n\n```ruby\nclass Song \u003c ActiveRecord::Base\n  include RighterForResource\n  auto_manage_righter_right :play\n  auto_manage_righter_right :promote, auto_associate_roles: [:admin, :vip]\nend\n```\nRighter allows you to nest and structure your rights as a tree with the `parent_right` option, which also accepts a lambda to define the `parent_right`.\n```ruby\nauto_manage_righter_right :delete, parent_right: -\u003e(song) { song.album.righter_right(:build).name }\n```\n\nFor a more detailed and concrete example of Righter usage, please take a look at the [dummy app](https://github.com/adamliesko/righter/tree/master/test/dummy) located in the tests folder. 
For an explanation of some of the edge use cases, consult the tests.\n\n### Errors\nRighter implements three separate exceptions, which always carry a detailed and descriptive message to help you figure out the problem. \n```ruby\nclass RighterError \u003c StandardError\nend\n\nclass RighterArgumentError \u003c StandardError\nend\n\nclass RighterNoUserError \u003c RighterError\nend\n```\n## I want to help! Contributions guide\n\n1. [Clone the repo](https://help.github.com/articles/importing-a-git-repository-using-the-command-line/).\n2. [Create a separate branch](https://github.com/Kunena/Kunena-Forum/wiki/Create-a-new-branch-with-git-and-manage-branches) (to prevent unrelated updates).\n3. Apply your changes.\n4. [Create a pull request](https://help.github.com/articles/creating-a-pull-request/).\n5. Describe what has been done.\n\n### License\nThe MIT License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadamliesko%2Frighter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadamliesko%2Frighter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadamliesko%2Frighter/lists"}