{"id":15064592,"url":"https://github.com/rejonpardenilla/restrictable","last_synced_at":"2025-06-28T05:32:18.510Z","repository":{"id":56892062,"uuid":"120118970","full_name":"rejonpardenilla/restrictable","owner":"rejonpardenilla","description":":policeman: Simple authorization gem for Ruby on Rails.","archived":false,"fork":false,"pushed_at":"2018-05-15T04:20:43.000Z","size":45,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-02-03T01:11:51.950Z","etag":null,"topics":["devise","gem","restrictable","ruby","ruby-gem","ruby-on-rails","rubygem"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rejonpardenilla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-03T18:39:58.000Z","updated_at":"2018-05-15T11:58:13.000Z","dependencies_parsed_at":"2022-08-21T00:20:55.878Z","dependency_job_id":null,"html_url":"https://github.com/rejonpardenilla/restrictable","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rejonpardenilla%2Frestrictable","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rejonpardenilla%2Frestrictable/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rejonpardenilla%2Frestrictable/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rejonpardenilla%2Frestrictable/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rejonpardenilla","download_url":"https://codeload.github.com/rejonpardenilla/restrictable/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239108706,"owners_count":19583046,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["devise","gem","restrictable","ruby","ruby-gem","ruby-on-rails","rubygem"],"created_at":"2024-09-25T00:22:07.586Z","updated_at":"2025-02-17T05:31:31.582Z","avatar_url":"https://github.com/rejonpardenilla.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Restrictable\n\n[![Gem Version](https://badge.fury.io/rb/restrictable.svg)](https://badge.fury.io/rb/restrictable)\n\nManage authorization restrictions on Ruby on Rails with [Devise](https://github.com/plataformatec/devise).\nIdeal for controlling actions of 2 or 3 types of users.\n\nRestrict user roles from doing specific actions on the controller with two simple controller helpers:\n\n```ruby\nonly_allow :cutom_user_role, to: :some_action_in_the_controller\nprevent :another_user_role, to: :some_other_action\n```\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'restrictable'\n```\n\nAnd then execute:\n\n    $ bundle\n\n\n## Usage\n\nAfter adding a `User` model with [Devise](https://github.com/plataformatec/devise#getting-started), run the following migration:\n\n```\n$ rails generate migration AddRoleToUsers role:integer\n```\n\nYour migration and model should look like this:\n\n```ruby\nclass AddRoleToUsers \u003c ActiveRecord::Migration[5.1]\n  def change\n    add_column :users, :role, :integer, default: 0\n  end\nend\n```\n\n```ruby\nclass User \u003c ApplicationRecord\n  devise  :database_authenticatable, :recoverable,\n          :rememberable, :trackable, :validatable,\n\n  enum role: [:guest, :content_creator, :admin]\nend\n```\n\nAnd now you can take advantage of the simple controller methods:\n\n```ruby\nclass PostsController \u003c ApplicationController\n  only_allow :admin, to: :destroy\n  prevent :guest, to: [:create, :update]\n\n  def create\n  end\n\n  def update\n  end\n\n  def destroy\n  end\nend\n```\n\n## Advanced Usage\n\nAdditionally you can match your implementation with `Restrictable` simply overriding controller methods. You can do this on the `ApplicationController` level or in your Controller.\n\n#### Example of use:\n\n```ruby\nclass ApplicationController \u003c ActionController::Base\n  protect_from_forgery with: :exception\n  before_action :authenticate_user!\n\n  # `on_forbidden_action` is called when a user role doesn't have \n  # permission to access the controller method.\n  def on_forbidden_action\n    head :forbidden\n  end\n\n  # `should_prevent?(role)` is used to check when a role should be\n  # prevented.\n  # Called by the `prevent` helper and should return a boolean value.\n  def should_prevent?(role)\n    current_user.role == role\n  end\n\n  # `should_only_allow?(role)` is used to check when a role should be\n  # allowed.\n  # Called by the `only_allow` helper and should return a boolean value.\n  def should_only_allow?(role)\n    current_user.role != role\n  end\nend\n```\n\nFor example, if we want to implement `Restrictable` on an application that already have implemented users roles with the model `Seller` with devise and the attribute `responsability`. Our controller will be something like this:\n\n```ruby\nclass SellersController \u003c ApplicationController\n  only_allow :national_seller, to: :delete\n  prevent :local_seller, to: :new, :update\n\n  def should_prevent?(role)\n    @seller.responsability == role\n  end\n\n  def should_only_allow?(role)\n    @seller.responsability != role\n  end\n\n  # ...\nend\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Roadmap\n\n- [x] Controller helpers\n- [x] Controller override methods\n- [ ] View helpers\n- [ ] Review flexibility on implementation\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/rejonpardenilla/restrictable. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the Restrictable project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/restrictable/blob/master/CODE_OF_CONDUCT.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frejonpardenilla%2Frestrictable","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frejonpardenilla%2Frestrictable","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frejonpardenilla%2Frestrictable/lists"}