SecureScope
This gem allows you to organize secure scope (permissions) for all 4 restful actions, and grant different user types different access.
Installation
Add this line to your application’s Gemfile:
gem ‘secure_scope’And then execute:
$ bundle
Or install it yourself as:
$ gem install secure_scope
Usage
Add this simple API into a controller you would like to access secure_scopes for.
secure_scope ({
createable: {
coordinator: Comment,
provider: Comment
},
readable: {
coordinator: Comment.all,
provider: lambda { |user| user.readable_comments }
},
updatable: {},
destroyable: {
coordinator: Comment.all,
provider: lambda { |user| user.editable_comments }
}
})
This example will generate 4 usable methods:
createable_secure_scope
readable_secure_scope
updatable_secure_scope
destroyable_secure_scope
When you call each one of these methods they will use the ‘current_authenticated_user’ (your currently logged in user, which must be accessible with that method name) inside this controller, and return the proper scope.
Contributing
- Fork it ( https://github.com/[my-github-username]/secure_scope/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request