has_roles

has_roles demonstrates a reference implementation for handling role management.

Resources

API

Bugs

Development

Testing

Source

Mailing List

Description

One of the easiest and most straightforward techniques for adding role management and authorization to specific parts of your application is restricting usage on a controller/action-basis. Each role defined in your system is mapped to one or more permissions. Each permission is a combination of a controller and action.

Usage

Note that this is a reference implementation and, most likely, should be modified for your own usage.

Installation

has_roles requires additional database tables to work. You can generate a migration for these tables like so:

script/generate has_roles

Then simply migrate your database:

rake db:migrate

Adding permissions

To add permissions, you can create an initializer like so:

config/initializers/permissions.rb:

Permission.bootstrap(
  {:id => 1, :controller => 'application'},
  {:id => 2, :controller => 'admin/stats'},
  {:id => 3, :controller => 'comments', :action => 'create'},
  ...
)

Adding / Updating roles

To add / update roles, you can create an initializer like so:

config/initializers/roles.rb:

Role.bootstrap(
  {:id => 1, :name => 'admin'},
  {:id => 2, :name => 'developer'},
  ...
)

RolePermission.bootstrap(
  {:role => 'admin', :permission => 'application/'},
  {:role => 'admin', :permission => 'admin/states/'},
  {:role => 'developer', :permission => 'comments/create'},
  {:role => 'developer', :permission => 'admin/stats/'},
  ...
)

Checking a user's authorization

Below is an example of checking a user's authorization for a url before displaying information:

app/views/layouts/application.rhtml:

<% if authorized_for?(:controller => 'admin/users') %>
<p>Read to start administering your website?</p>
<% end %>

Testing

Before you can run any tests, the following gem must be installed:

To run against a specific version of Rails:

rake test RAILS_FRAMEWORK_ROOT=/path/to/rails

Dependencies