Project

rbac

0.01
No release in over 3 years
Low commit activity in last 3 years
rbacsandipkaranjekar/rbacHomepageDocumentationSource CodeBug TrackerWiki
This gem help you to enable your application with RBAC. This have user interface where you can check which permission assign to role.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
3,575
Stars
16
Forks
5
Watchers
2
 Releases
Current version
0.0.1
Total releases
1
First release
2016-12-03
Latest release
2016-12-03
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2017-08-20
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.12
rake
~> 10.0
 Project Readme

RBAC (Role Based Access Control)

Gem Version

RBAC (Role Based Access Control) gem useful to enable your Rails application with the power of RBAC. This gem is helpful to maintain roles, groups and privileges at database table level. You have user interface to manage the roles, groups and privileges.This gem is applicable in the area where you need a multiple roles and privileges. It will fulfil all your needs.

Installation

Add this line to your application's Gemfile:

gem 'rbac'

And then execute:

$ bundle install

Or install it yourself as:

$ gem install rbac

As this gem is database based access control system, so need to run:

$ rails g rbac:migration

after this -

$ rake db:migrate

To setup user interface and backend for RBAC you need to run following generator. It will create necessary controllers, views, models, routes, helper method and associations.

Note - Before this your Rails application have User model

$ rails g rbac:create

Pre-requisites

This gem work with User model only. Generator of this gem add association for User model. In further development we will integrate this with any authentication gem.

Concept

In this there is strong relationship between user, role, group and privilege.

  • User and Role model have many-to-many association User can have multiple roles and Role can have multiple users associated. It's as per your requirements, for this you need to associate roles with user in your add/update users controller/view.

    For example -

    alt text

  • Role and Group model have many-to-many association Here group is set of privileges group together while creating role, user need to assign groups to the role. So automatically privileges associated with this group get assigned to role (indirectly to user). You can access Role and Group UI -

    • http://{host_url}/rbac/roles
    • http://{host_url}/rbac/groups

  • Group and Privilege model have many-to-many association Here Group can have multiple privileges and privilege belongs to many groups. You need to first set privileges with controller and action. If you select privilege under group it will be accessable to role. All privileges are controller and action based.You should have controller and action to set privilege. You can access Privilege UI -

    • http://{host_url}/rbac/privileges

Usage

Here you will have one helper method to check role have access to that resource.

has_permission(user, controller, action)

user = Logged in user active record object controller = For which controller that resource belong action = Action of controller which we need to check for having permission

This method return true and false. Accordingly you can make a decision.

For example -

# In view
<% if has_permission(user, "users", "show") %>
  <%= link_to 'Show', user %>
<% end %>

TODO

  • Support API application means has_permission should work with api permission granting.
  • Integrate with authentication gem.

License

The gem is available as open source under the terms of the MIT License.