{"id":22862739,"url":"https://github.com/nedap/ostiary","last_synced_at":"2025-03-31T08:46:50.126Z","repository":{"id":45991106,"uuid":"79425834","full_name":"nedap/ostiary","owner":"nedap","description":"Limit access to controllers/actions","archived":false,"fork":false,"pushed_at":"2023-03-28T11:54:57.000Z","size":42,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-25T04:07:55.246Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nedap.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-01-19T07:07:43.000Z","updated_at":"2022-07-28T13:29:25.000Z","dependencies_parsed_at":"2023-01-22T00:48:47.753Z","dependency_job_id":null,"html_url":"https://github.com/nedap/ostiary","commit_stats":null,"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nedap%2Fostiary","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nedap%2Fostiary/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nedap%2Fostiary/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nedap%2Fostiary/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nedap","download_url":"https://codeload.github.com/nedap/ostiary/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246443525,"owners_count":20778247,"icon_url":"https://github.com/github
.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-13T10:14:40.887Z","updated_at":"2025-03-31T08:46:50.109Z","avatar_url":"https://github.com/nedap.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ostiary\n\nAn ostiarius, a Latin word sometimes anglicized as ostiary but often literally translated as porter or doorman, originally was a servant or guard posted at the entrance of a building. See also gatekeeper.\n\n## Functionality\n\n[![CircleCI Status](https://circleci.com/gh/nedap/ostiary.svg?style=svg)](https://circleci.com/gh/nedap/ostiary)\n\nThis gem will help you enforce 'policies' when viewing controllers/actions.\nThis is done by requiring certain roles for controllers, where you can\noptionally include or exclude certain actions.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'ostiary'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install ostiary\n\n## Usage\n\n### Primary setup\n\nIn your base Controller class do the following for Rails:\n\n```ruby\n# This class creates a class accessor called :ostiary on each (inherited) controller.\n#  With each controller created, it will stack the policies you add\ninclude Ostiary::ControllerHelper\n\nbefore_filter :ensure_authorized!\n\n# Because each ostiary is unique for a controller, you only have to supply the current action.\n#  With this, it can check if there are certain policies that will be broken.\ndef ensure_authorized!\n  self.class.ostiary.authorize!(action) do |name|\n    # Your authorization method using name.\n   
 #  e.g. `current_user.has_right?(name)`\n  end\nrescue Ostiary::PolicyBroken =\u003e error\n  # We re-raise the Error as a RoutingError in Rails\n  #  You can also do `return head :forbidden` if that's more in line with your needs.\n  raise ActionController::RoutingError.new(error.message)\nend\n```\n\n### Securing controllers\n\nIn each controller you wish to secure, you can call `ostiary_policy`, just like `before_filter` \u0026 `after_filter` of Rails.\n\n```ruby\n# Require the :list role on the entire controller\nostiary_policy :list\n\n# Require the :view role only on the index \u0026 show actions\nostiary_policy :view, only: [:index, :show]\n\n# Require the :edit role except on the index \u0026 show actions\nostiary_policy :edit, except: [:index, :show]\n```\n\nThese policies will be added to the ostiary instance created for each Controller Class. It will also include each policy inherited from parent classes.\n\n### Checking for a right\n\nYou can also ask if a user is authorized to access a certain path (URL).\n\nIn your controller:\n\n```ruby\ndef authorized?(path)\n  # recognize_path is a Rails Routing helper that will return a hash with the controller\n  #  and action of the path you supplied. 
We'll have to transform that String of the\n  #  controller into an actual Class.\n  return false unless route = Rails.application.routes.recognize_path(path)\n  requested_controller = \"#{route[:controller]}_controller\".camelize.constantize\n  requested_controller.ostiary.authorized?(route[:action]) do |role|\n    # Your authorization method using role.\n  end\nend\n```\n\n## License\n\nostiary is Copyright 2017 nedap and released under the MIT license which you should find included in the [LICENSE.txt](LICENSE.txt) file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnedap%2Fostiary","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnedap%2Fostiary","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnedap%2Fostiary/lists"}