GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → palkan → Action_policy

palkan / Action_policy

Licence: mit
Authorization framework for Ruby/Rails applications

Programming Languages

ruby
36898 projects - #4 most used programming language

Labels

hacktoberfestrailsauthorization

Projects that are alternatives of or similar to Action policy

Active delivery
Ruby framework for keeping all types of notifications (mailers, push notifications, whatever) in one place
Stars: ✭ 388 (-45.96%)
Mutual labels:  hacktoberfest, rails
Product Is
Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
Stars: ✭ 435 (-39.42%)
Mutual labels:  hacktoberfest, authorization
Refinerycms
An extendable Ruby on Rails CMS that supports Rails 6.0+
Stars: ✭ 3,825 (+432.73%)
Mutual labels:  hacktoberfest, rails
Six
Ultra lite authorization library
Stars: ✭ 323 (-55.01%)
Mutual labels:  rails, authorization
Osem
Open Source Event Manager. An event management tool tailored to Free and Open Source Software conferences.
Stars: ✭ 649 (-9.61%)
Mutual labels:  hacktoberfest, rails
Isolator
Detect non-atomic interactions within DB transactions
Stars: ✭ 362 (-49.58%)
Mutual labels:  hacktoberfest, rails
Anyway config
Configuration library for Ruby gems and applications
Stars: ✭ 409 (-43.04%)
Mutual labels:  hacktoberfest, rails
Docker Registry Browser
🐳 Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails.
Stars: ✭ 239 (-66.71%)
Mutual labels:  hacktoberfest, rails
Webpacker
Use Webpack to manage app-like JavaScript modules in Rails
Stars: ✭ 5,282 (+635.65%)
Mutual labels:  hacktoberfest, rails
Cancancan
The authorization Gem for Ruby on Rails.
Stars: ✭ 5,046 (+602.79%)
Mutual labels:  rails, authorization
Kuby Core
A convention over configuration approach for deploying Rails apps. https://getkuby.io
Stars: ✭ 273 (-61.98%)
Mutual labels:  hacktoberfest, rails
Openfoodnetwork
Connect suppliers, distributors and consumers to trade local produce. We're recruiting paid contributors, link below.
Stars: ✭ 682 (-5.01%)
Mutual labels:  hacktoberfest, rails
Consul
Scope-based authorization for Ruby on Rails.
Stars: ✭ 268 (-62.67%)
Mutual labels:  rails, authorization
Solidus
🛒Solidus, Rails eCommerce System
Stars: ✭ 3,985 (+455.01%)
Mutual labels:  hacktoberfest, rails
Action cable client
A ruby client for interacting with Rails' ActionCable. -- Maintainers Wanted.
Stars: ✭ 245 (-65.88%)
Mutual labels:  hacktoberfest, rails
Laravel Acl
This package helps you to associate users with permissions and permission groups with laravel framework
Stars: ✭ 404 (-43.73%)
Mutual labels:  hacktoberfest, authorization
Yaaf
Easing the form object pattern in Rails applications
Stars: ✭ 161 (-77.58%)
Mutual labels:  hacktoberfest, rails
Rubanok
Parameters-based transformation DSL
Stars: ✭ 161 (-77.58%)
Mutual labels:  hacktoberfest, rails
Matestack Ui Core
Matestack enables you to create sophisticated, reactive UIs in pure Ruby, without touching JavaScript and HTML. You end up writing 50% less code while increasing productivity, maintainability and developer happiness.
Stars: ✭ 469 (-34.68%)
Mutual labels:  hacktoberfest, rails
Plots2
a collaborative knowledge-exchange platform in Rails; we welcome first-time contributors! 🎈
Stars: ✭ 666 (-7.24%)
Mutual labels:  hacktoberfest, rails
View All Similar Projects ➔

Gem Version Build JRuby Build Documentation

Action Policy

Authorization framework for Ruby and Rails applications.

Composable. Extensible. Performant.

📑 Documentation

Sponsored by Evil Martians

Resources

  • RubyRussia, 2019 "Welcome, or access denied?" talk (video [RU], slides)

  • Seattle.rb, 2019 "A Denial!" talk (slides)

  • RailsConf, 2018 "Access Denied" talk (video, slides)

Integrations

Installation

Add this line to your application's Gemfile:

gem "action_policy"

And then execute:

bundle install

Usage

Action Policy relies on resource-specific policy classes (just like Pundit).

First, add an application-specific ApplicationPolicy with some global configuration to inherit from:

class ApplicationPolicy < ActionPolicy::Base
end

This may be done with rails generate action_policy:install generator.

Then write a policy for a resource. For example:

class PostPolicy < ApplicationPolicy
  # everyone can see any post
  def show?
    true
  end

  def update?
    # `user` is a performing subject,
    # `record` is a target object (post we want to update)
    user.admin? || (user.id == record.user_id)
  end
end

This may be done with rails generate action_policy:policy Post generator.

Now you can easily add authorization to your Rails* controller:

class PostsController < ApplicationController
  def update
    @post = Post.find(params[:id])
    authorize! @post

    if @post.update(post_params)
      redirect_to @post
    else
      render :edit
    end
  end
end

* See Non-Rails Usage on how to add authorize! to any Ruby project.

When authorization is successful (i.e., the corresponding rule returns true), nothing happens, but in case of authorization failure ActionPolicy::Unauthorized error is raised.

There is also an allowed_to? method which returns true or false, and could be used, in views, for example:

<% @posts.each do |post| %>
  <li><%= post.title %>
    <% if allowed_to?(:edit?, post) %>
      <%= link_to post, "Edit">
    <% end %>
  </li>
<% end %>

Read more in our Documentation.

Alternatives

There are many authorization libraries for Ruby/Rails applications.

What makes Action Policy different? See this section in our docs.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/palkan/action_policy.

License

The gem is available as open source under the terms of the MIT License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].