Project

action_authorization

0.0
No release in over a year
action_authorizationwwidea/action_authorizationHomepageDocumentationSource CodeBug TrackerWiki
A base policy class for authorizing controller actions with access to the current_user and object.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
7,906
Stars
0
Forks
0
Watchers
3
 Releases
Current version
0.3.0
Total releases
5
First release
2019-01-11
Latest release
2023-01-30
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
1
Merged Pull Requests
15
Pull Request Acceptance Rate
93%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2023-06-07
Reverse Dependencies
0

 Dependencies

Runtime

activesupport
>= 5.0
 Project Readme

ActionAuthorization

A base policy class for authorizing controller actions with access to the current_user and object.

Installation

Add this line to your application's Gemfile:

gem 'action_authorization'

And then execute:

bundle

Or install it with:

gem install action_authorization

Requirements

ActionAuthorization requires a current_user method that returns the currently logged in user.

Usage

Include the ActionAuthorization module in your ApplicationController (or indvidual controller(s))

class ApplicationController < ActionController::Base
  include ActionAuthorization
end

Create an authorization policy for a resource.

class DocumentPolicy < ActionAuthorization::BasePolicy
  def show?
    document.owner == user
  end
end

Call authorize method in controller action.

class DocumentController < ApplicationController
  def show
    @document = authorize(Document.find(params[:id]))
  end
end

Pass a policy_class to authorize to override the default resource based policy.

class DocumentController < ApplicationController
  def show
    @document = authorize(Document.find(params[:id]), policy_class: UserOwnerPolicy)
  end
end

Check if authorized before displaying a link in the view.

<%= link_to(@document.name, @document) if policy(@document).show? %>

License

The gem is available as open source under the terms of the MIT License.