dzaporozhets / Six

Licence: mit
Ultra lite authorization library

Six is a simple authorization gem for Ruby!

Based on pure Ruby, it can be used with Rails applications or any other framework.

Installation

  gem install six

QuickStart

4 steps:

  1. Create an abilities object

    abilities = Six.new
    
  2. Create an object/class with an allowed method - here you'll put the conditions that define abilities

    class BookRules
      def self.allowed(author, book)
        [:read_book, :edit_book]
      end
    end
    
  3. Add object with your rules to abilities

    abilities << BookRules # true
    
  4. That's all. Now you can check abilities. Unlike CanCan, it doesn't use a current_user method; you pass the object and subject manually.

    abilities.allowed?(@user, :read_book, @book) # true
    

Usage with Rails

# Controller

# application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery

  helper_method :abilities, :can?

  protected 

  def abilities
    @abilities ||= Six.new
  end

  # simple delegate method for controller & view
  def can?(object, action, subject)
    abilities.allowed?(object, action, subject)
  end
end

# books_controller.rb
class BooksController < ApplicationController
  before_action :add_abilities
  before_action :load_author

  def show
    @book = Book.find(params[:id])
    head(404) and return unless can?(:guest, :read_book, @book)
  end

  def edit
    @book = Book.find(params[:id])
    head(404) and return unless can?(@author, :edit_book, @book)
  end

  protected

  def add_abilities
    abilities << Book
  end

  def load_author
    @author = Author.find_by_id(params[:author_id])
  end
end


# Model
class Book < ActiveRecord::Base
  belongs_to :author

  def self.allowed(object, subject)
    rules = []
    return rules unless subject.instance_of?(Book)
    rules << :read_book if subject.public?
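    # respond_to? guard: nil or a non-record object such as :guest must not raise here
    rules << :edit_book if object.respond_to?(:id) && object.id == subject.author_id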
    rules
  end
end

# View
link_to 'Edit', edit_book_path(@book) if can?(@author, :edit_book, @book)

Ruby Usage

class BookRules
  # All authorization works on objects that have an 'allowed' method
  # No magic behind the scenes
  # You can put this method on any class or object you want
  # It should always return an array
  # and be ready to receive nil arguments
  def self.allowed(author, book)
    rules = []

    # good practice is to check for object type
    return rules unless book.instance_of?(Book)

    rules << :read_book if book.published? 
    rules << :edit_book if book.author?(author)

    # you are free to write any conditions you need
    if book.author?(author) && book.is_approved? # ....etc...
      rules << :publish_book 
    end

    rules # return array of abilities
  end
end

# create abilities object
abilities = Six.new

# add rules
abilities << BookRules # true

# that's all - now we can use it!

abilities.allowed? guest, :read_book, unpublished_book # false
abilities.allowed? guest, :read_book, published_book # true
abilities.allowed? guest, :edit_book, book # false
abilities.allowed? author, :edit_book, book # true
abilities.allowed? guest, :remove_book, book # false
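
The contract stated in the comments above (always return an array, be ready for nil arguments, check the subject's type) can be pinned down with a table-driven authorization matrix. This is an added example, not code from the Six gem or its README: the `Author`/`Book` structs, `permitted?` (a stand-in for `abilities.allowed?`) and `matrix_failures` are hypothetical names.

```ruby
# Constructed models for this example; a real app would use its own classes.
Author = Struct.new(:id)
Book = Struct.new(:author_id, :published, :approved) do
  def published?; published; end
  def is_approved?; approved; end
  # Ownership needs a real Author with a non-nil id, so nil == nil never matches.
  def author?(who)
    who.is_a?(Author) && !who.id.nil? && who.id == author_id
  end
end

class BookRules
  # README contract: always return an Array and tolerate nil arguments.
  def self.allowed(author, book)
    rules = []
    return rules unless book.instance_of?(Book) # nil or wrong type: grant nothing
    rules << :read_book if book.published?
    rules << :edit_book if book.author?(author)
    rules << :publish_book if book.author?(author) && book.is_approved?
    rules
  end
end

# Stand-in for abilities.allowed? so the block runs without the gem installed.
# An empty request is denied (this example's choice, not documented gem behaviour).
def permitted?(pack, object, actions, subject)
  wanted = Array(actions)
  granted = pack.allowed(object, subject)
  !wanted.empty? && wanted.all? { |action| granted.include?(action) }
end

# Returns the rows of the authorization matrix that the pack gets wrong.
def matrix_failures(pack = BookRules)
  owner, other = Author.new(1), Author.new(2)
  draft, live = Book.new(1, false, false), Book.new(1, true, true)
  orphan = Book.new(nil, true, true) # published book with no author
  [ # actor, action(s), subject, expected
    [owner, :edit_book, draft, true],
    [other, :edit_book, draft, false],
    [nil, :read_book, live, true],
    [nil, :read_book, draft, false],
    [nil, :edit_book, live, false],
    [Author.new(nil), :edit_book, orphan, false],
    [owner, :edit_book, :any, false],
    [owner, [:read_book, :publish_book], live, true],
    [owner, [:read_book, :publish_book], draft, false],
    [owner, :remove_book, live, false]
  ].reject { |actor, acts, subj, want| permitted?(pack, actor, acts, subj) == want }
end
```

Adding a row for each new rule keeps the denials for nil, wrong-type and non-owner callers under test whenever the pack changes.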

:initialization

# simple
abilities = Six.new

# with rules
abilities = Six.new(:book_rules => BookRules) # same as Six.new & add(:book_rules, BookRules)

# with more
abilities = Six.new(:book => BookRules,
                    :auth => AuthRules,
                    :managment => ManagerRules)

Adding rules

abilities = Six.new

# 1. simple (recommended)
# but you can't use abilities.use(:book_rules) to
# search over the book namespace only
abilities << BookRules

# 2. advanced
# now you can use abilities.use(:book_rules) to
# search over the book namespace only
abilities.add(:book_rules, BookRules)

:allowed?

abilities = Six.new

abilities << BookRules

abilities.allowed? @guest, :read_book, @book # true
abilities.allowed? @guest, :edit_book, @book # false
abilities.allowed? @guest, :rate_book, @book # true

abilities.allowed? @guest, [:read_book, :edit_book], @book # false
abilities.allowed? @guest, [:read_book, :rate_book], @book # true

:use

abilities.add(:book_rules, BookRules)
abilities.add(:car_rules, CarRules)

abilities.allowed? ... # scans both BookRules & CarRules, so each pack requires a kind_of check

abilities.use(:book_rules)
abilities.allowed? ... # uses rules from BookRules only -> better performance

Namespaces

class BookRules
  def self.allowed(author, book)
    [:read_book, :edit_book, :publish_book] 
  end
end

class CarRules
  def self.allowed(driver, car)
    [:drive, :sell] 
  end
end

# init object
abilities = Six.new

# add packs with namespace support
abilities.add(:book, BookRules) # true
abilities.add(:car, CarRules)   # true
abilities.add(:ufo, nil)        # false
abilities.add!(:ufo, nil)       # raise Six::InvalidPackPassed


# use specific pack for rules (namespace)
abilities.use(:book) # true
abilities.allowed? :anyone, :read_book, book # true
abilities.allowed? :anyone, :drive, car # false

abilities.use(:car)
abilities.allowed? :anyone, :drive, :any      # true
abilities.allowed? :anyone, :read_book, :any  # false

# use reset to return to global usage
abilities.reset_use
abilities.allowed? :anyone, :drive, :any     # true
abilities.allowed? :anyone, :read_book, :any # true

# different use methods
abilities.use(:ufo)  # false
abilities.use!(:ufo) # raise Six::NoPackError


# remove pack
abilities.remove(:book)  # true
abilities.remove(:ufo)   # false
abilities.remove!(:ufo)  # raise Six::NoPackError

abilities.use(:car)  # true
abilities.current_rule_pack # :car
