https://github.com/foca/hal
Simple authorization framework for ruby
https://github.com/foca/hal
Last synced: 8 months ago
JSON representation
Simple authorization framework for ruby
- Host: GitHub
- URL: https://github.com/foca/hal
- Owner: foca
- License: mit
- Created: 2010-06-28T14:12:24.000Z (about 16 years ago)
- Default Branch: master
- Last Pushed: 2010-06-28T19:11:09.000Z (about 16 years ago)
- Last Synced: 2023-04-10T10:19:51.094Z (about 3 years ago)
- Language: Ruby
- Homepage:
- Size: 93.8 KB
- Stars: 7
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.rdoc
- License: LICENSE
Awesome Lists containing this project
README
= HAL. Minimalist authorization framework for Ruby
HAL is a class-based authorization framework for Ruby. It lets you define
authorization rules on classes, which will then be applied to all instances
of said classes. For example:
class User < Struct.new(:name); end
dave = User.new("Dave")
HAL.rules_for User do
def open_the_pod_bay_doors?
subject.name != "Dave"
end
end
HAL.can(dave).open_the_pod_bay_doors? #=> false
When defining rules you can access a +subject+ method, which will reference
whatever object you pass to +can+.
You also have a more powerful version of can, called can!,
which takes a block and will raise HAL::ICantLetYouDoThat if the
block evaluates to false:
HAL.can!(dave) {|can| can.open_the_pod_bay_doors? } #=> raises!
Finally, you can include +HAL+ into your classes to get +can+ and
can! as helper methods.
class UsersController < ApplicationController
include HAL
before_filter :check_permissions, :only => [:edit, :update, :destroy]
def check_permissions
unless can(current_user).edit_user?(current_user)
redirect_to users_path, :alert => "I can't let you do that, Dave"
end
end
end
== Installing
As a RubyGem
gem install hal
For rails 2.3, add to your config/environment.rb:
config.gem "hal", :lib => "hal/rails"
For rails 3, add to your Gemfile:
gem "hal", :require => "hal/rails"