Acts as privilege

Acts as privilege is a plugin for Ruby on Rails that provides the capabilities to restrict controller actions to privileged resources.

This ACL-based security model is designed as a role-based access control, where each role can be a group of users.

Philosophy

General library that does only one thing, without any feature.

Installation

Include the gem in your Gemfile:

gem 'acts_as_privilege'

And run the bundle command. Or as a plugin:

rails plugin install git://github.com/cyril/acts_as_privilege.git

Then, generate files and apply the migration:

rails generate privileges model
rake db:migrate

At this point, Privilege model can be populated with:

rest_actions = %w(index show new create edit update destroy)
controllers = {
  groups:   rest_actions,
  users:    rest_actions,
  articles: rest_actions,
  comments: rest_actions }

Privilege.transaction do
  controllers.each_pair do |controller, actions|
    actions.each do |action|
      Privilege.create! route: [controller, action].join('#')
    end
  end
end

Example

First, let's run commands:

rails generate privileges group
rake db:migrate

Second, let's add this in Group model:

# app/models/group.rb
class Group < ActiveRecord::Base
  acts_as_privilege

  has_many :users
end

Now, check the current user capability to destroy articles:

current_user.group.privilege?('articles#destroy') # => false

And add a form helper that generates the field to manage group privileges:

form_for @group do |f|
  privileges_field f
end

Copyright (c) 2009-2011 Cyril Wack, released under the MIT license