Vlad
Reputation: 462
Rails object based permission/authorization engine?
I want to add "Sharing documents" feature to my app, like in google documents service. As i see:
User can:
- can list/view/create/edit/delete own documents
- share own document to everyone - its a public document
- share own document to another user with read-only access
- share own document to another user with read-write access
- view list of own documents and users to whom he gave permission to read and write
- view list of foreign documents
- view/edit foreign document with read/write permissions
Please tell me, which permission/authorization solution is preffered for my task?
Upvotes: 1
Views: 3217
Answers (1)
Jack Chu
Reputation: 6821
You can look at some authorization plugins available here:
http://www.ruby-toolbox.com/categories/rails_authorization.html
As for object level authorization/permission, it looks like canable can do this:
http://github.com/jnunemaker/canable
From the example in the readme:
class Article
include MongoMapper::Document
include Canable::Ables
userstamps! # adds creator and updater
def updatable_by?(user)
creator == user
end
def destroyable_by?(user)
updatable_by?(user)
end
end
You could also define a viewable_by? method. You would still need some kind of permission fields or association on the document model, but after that you could use canable to simplify authorization in your controller/views.
Upvotes: 2
Related Questions
- How to implement authorization?
- Roles/Permissions Based Authorization Gem with Roles & Permissions in the Database?
- (Ruby,Rails) Role-based authentication and user management...?
- How to implement role-based authorization to only specific attributes of a model in Rails?
- Authorization model for Ruby on Rails
- User permissions in Rails app
- rails flexible authorization
- Rails user authorization
- Ruby on Rails: I need some help designing a gem that will help centralize permissions throughout the app
- Model-level authorization in Rails