Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/serradura/u-authorization

Simple authorization library and role managment for Ruby
https://github.com/serradura/u-authorization

authorization permissions role-based-authorization ruby ruby-gem

Last synced: 24 days ago
JSON representation

Simple authorization library and role managment for Ruby

Host: GitHub
URL: https://github.com/serradura/u-authorization
Owner: serradura
License: mit
Created: 2019-07-26T18:12:45.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2020-10-18T16:18:50.000Z (about 4 years ago)
Last Synced: 2024-10-03T05:41:13.290Z (about 1 month ago)
Topics: authorization, permissions, role-based-authorization, ruby, ruby-gem
Language: Ruby
Homepage: https://rubygems.org/gems/u-authorization
Size: 84 KB
Stars: 6
Watchers: 1
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        ![Ruby](https://img.shields.io/badge/ruby-2.2+-ruby.svg?colorA=99004d&colorB=cc0066)

[![Gem](https://img.shields.io/gem/v/u-authorization.svg?style=flat-square)](https://rubygems.org/gems/u-authorization)

[![Build Status](https://travis-ci.com/serradura/u-authorization.svg?branch=master)](https://travis-ci.com/serradura/u-authorization)

[![Maintainability](https://api.codeclimate.com/v1/badges/19251112cf39afdf8bf6/maintainability)](https://codeclimate.com/github/serradura/u-authorization/maintainability)

[![Test Coverage](https://api.codeclimate.com/v1/badges/19251112cf39afdf8bf6/test_coverage)](https://codeclimate.com/github/serradura/u-authorization/test_coverage)

# µ-authorization

Simple authorization library and role managment for Ruby.

## Required Ruby version

> \>= 2.2.0

## Installation

Add this line to your application's Gemfile:

```

gem 'u-authorization'

```

And then execute:

```

$ bundle

```

Or install it yourself as:

```

$ gem install u-authorization

```

## Usage

```ruby

  require 'ostruct'

  require 'u-authorization'

  module Permissions

    ADMIN = {

      'visit'  => { 'any' => true },

      'export' => { 'any' => true }

    }

    USER = {

      'visit'  => { 'except' => ['billings'] },

      'export' => { 'except' => ['sales'] }

    }

    ALL = {

      'admin' => ADMIN,

      'user'  => USER

    }

    def self.to(role)

      ALL.fetch(role, 'user')

    end

  end

  user = OpenStruct.new(id: 1, role: 'user')

  class SalesPolicy < Micro::Authorization::Policy

    def edit?(record)

      user.id == record.user_id

    end

  end

  authorization = Micro::Authorization::Model.build(

    permissions: Permissions.to(user.role),

    policies: { default: :sales, sales: SalesPolicy },

    context: {

      user: user,

      to_permit: ['dashboard', 'controllers', 'sales', 'index']

    }

  )

  # Info about the `context` data:

  #   1. :to_permit is a required key

  #     1.1. :permissions is an alternative of :to_permit key.

  #   2. :user is an optional key

  #   3. Any key different of :permissions, will be passed as a policy context.

  # Verifying the permissions for the given context

  authorization.permissions.to?('visit')  #=> true

  authorization.permissions.to?('export') #=> false

  # Verifying permission for a given feature in different contexts

  has_permission_to = authorization.permissions.to('export')

  has_permission_to.context?('billings') #=> true

  has_permission_to.context?('sales')    #=> false

  charge = OpenStruct.new(id: 2, user_id: user.id)

  # The #to() method fetch and build a policy.

  authorization.to(:sales).edit?(charge)   #=> true

  # :default is the only permitted key to receive

  # another symbol as a value (a policy reference).

  authorization.to(:default).edit?(charge) #=> true

  # #policy() method has a similar behavior of #to(),

  # but if there is a policy defined as ":default", it will be fetched and instantiated by default.

  authorization.policy.edit?(charge)         #=> true

  authorization.policy(:sales).edit?(charge) #=> true

  # Cloning the authorization changing only its context.

  new_authorization = authorization.map(context: [

    'dashboard', 'controllers', 'billings', 'index'

  ])

  new_authorization.permissions.to?('visit') #=> false

  authorization.equal?(new_authorization) #=> false

  #========================#

  # Multi role permissions #

  #========================#

  authorization = Micro::Authorization::Model.build(

    permissions: [Permissions::USER, Permissions::ADMIN], # An array of permissions

    policies: { default: :sales, sales: SalesPolicy },

    context: {

      user: user,

      to_permit: ['dashboard', 'controllers', 'sales', 'index']

    }

  )

  authorization.permissions.to?('visit')  #=> true

  authorization.permissions.to?('export') #=> true

  has_permission_to = authorization.permissions.to('export')

  has_permission_to.context?('billings') #=> true

  has_permission_to.context?('sales')    #=> true

```

## Original implementation

https://gist.github.com/serradura/7d51b979b90609d8601d0f416a9aa373