Aegis - A complete authorization solution for Rails

Aegis is an authorization solution for Ruby on Rails that supports roles and a RESTish, resource-style declaration of permission rules. Getting started with Aegis is easy and requires very little integration. As your authorization requirements become more complex, Aegis will grow with you.
Getting started

All your permissions live in a single class Permissions. Permissions are described using resources, similar to your routes. Your permission resources can match those in your routes, but don't have to.

Access to resources or individual actions can be granted or denied to specific roles.

    class Permissions < Aegis::Permissions

      role :user
      role :admin

      resources :projects do
        allow :everyone
      end

      resources :users do
        allow :admin
      end

    end

To give your user model a role, it needs to have an attribute role_name. The has_role macro wires everything together:

    class User < ActiveRecord::Base
      has_role
    end

You can now check if a user has permission to access a given action in your controllers and views:

    <% if current_user.may_update_project? @project %>
      <%= link_to 'Edit', edit_project_path(@project) %>
    <% end %>

You can protect all actions in a controller through an Aegis resource with a single line:

    class ProjectsController < ApplicationController
      permissions :projects
    end

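
As an added illustration (not Aegis source code and not taken from the project's documentation), the self-contained Ruby miniature below models the rules declared above and shows why a view check only hides a link while a controller guard is what refuses the request. MiniPermissions, DemoPermissions, DemoUser, may? and guard! are hypothetical names, and denying every undeclared role, resource and action is an assumption of this model.

```ruby
# Added illustration, not Aegis source: a miniature of role/resource rules.
# Assumption of this model: whatever is not explicitly allowed is denied.
class MiniPermissions
  AccessDenied = Class.new(StandardError)
  ACTIONS = %i[index show new create edit update destroy].freeze

  class << self
    def roles; @roles ||= []; end
    def rules; @rules ||= {}; end

    def role(name)
      roles << name
    end

    def resources(name)
      @current = name
      rules[name] ||= []
      yield
    ensure
      @current = nil
    end

    def allow(who)
      rules.fetch(@current) << who # KeyError if used outside a resources block
    end

    # What a view asks before rendering a link. :everyone means every declared role.
    def may?(user, action, resource)
      role = user.role_name.to_s.to_sym
      return false unless roles.include?(role) && ACTIONS.include?(action)
      allowed = rules.fetch(resource, [])
      allowed.include?(:everyone) || allowed.include?(role)
    end

    # What a controller filter does before the action runs, link or no link.
    def guard!(user, action, resource)
      return true if may?(user, action, resource)
      raise AccessDenied, "#{user.role_name.inspect} may not #{action} #{resource}"
    end
  end
end

class DemoPermissions < MiniPermissions # same rules as the Permissions class above
  role :user
  role :admin
  resources(:projects) { allow :everyone }
  resources(:users)    { allow :admin }
end

DemoUser = Struct.new(:role_name) # constructed stand-in for the User model
```

In this model, `DemoPermissions.guard!(DemoUser.new("user"), :index, :users)` raises `AccessDenied` even though no link was ever rendered, which is the behaviour a controller-level check has to provide.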
Further reading

You are now familiar with the basic use case. Aegis can do a lot more than that. There is an awesome documentation wiki with detailed information on many basic and advanced topics, including:
Installation

Aegis is a gem, which you can install with

    sudo gem install aegis

In Rails 2, add the following to your environment.rb:

    config.gem 'aegis'

In Rails 3, add the following to your Gemfile:

    gem 'aegis'

Rails 3 compatibility

We cannot guarantee Rails 3 compatibility at this point, but we will upgrade the gem when Rails 3 is released.
Credits

Henning Koch, Tobias Kraze