area_51 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +67 -0
- data/lib/area_51/version.rb +1 -1
- metadata +1 -1
data/README.md
CHANGED
@@ -0,0 +1,67 @@
|
|
1
|
+
# Area 51
|
2
|
+
|
3
|
+
You won't find [E.T.](http://www.youtube.com/watch?v=-uvw1wQZ5ZQ)
|
4
|
+
or [Alf](http://www.youtube.com/watch?v=J7g3FoMaGF0) here. What you
|
5
|
+
will find is a gem that tries to make the act of defining restricted
|
6
|
+
and unrestricted areas of your web app a little easier.
|
7
|
+
|
8
|
+
The [RDocs](http://rubydoc.info/gems/area_51) are available
|
9
|
+
if you need them.
|
10
|
+
|
11
|
+
## Why?
|
12
|
+
|
13
|
+
There are already a lot of gems out there that provide authorization
|
14
|
+
capabilities, but they all (at least the ones I've seen) revolve around
|
15
|
+
model classes. I had a need to authorize users for certain _paths_, not
|
16
|
+
models. So, I did what any Rubyist would do when I couldn't find one
|
17
|
+
that existed. I scratched my own itch and **Area 51** was born.
|
18
|
+
|
19
|
+
## Usage
|
20
|
+
|
21
|
+
class ApplicationController < ActionController::Base
|
22
|
+
area_51 do
|
23
|
+
authorization_trigger("current_user.active?", :unrestricted) do
|
24
|
+
restricted_area "^/memers_only"
|
25
|
+
unrestricted_area "^/$"
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
That's pretty much all there is to it. The methods you should be
|
31
|
+
concerned with are `authorization_trigger`, `restricted_area`, and
|
32
|
+
`unrestricted_area`.
|
33
|
+
|
34
|
+
<a id="authorization_trigger" />
|
35
|
+
|
36
|
+
### `authorization_trigger`
|
37
|
+
|
38
|
+
Defines a trigger condition that when met, will cause authorization to be performed.
|
39
|
+
|
40
|
+
The trigger can be either a `String`, `lambda`, or `Proc`. If a `String`, it will
|
41
|
+
be `eval`'d, if a `lambda` or `Proc`, it will be called, and anything else will
|
42
|
+
be returned as-is. If the result does not return an explicit `true`, authorization will not be performed.
|
43
|
+
|
44
|
+
The `default_access` parameter, if provided, must be one of `:restricted` or `:unrestricted`. The
|
45
|
+
default is `:restricted`. This specifies what type of access the undefined areas will have. For example:
|
46
|
+
|
47
|
+
authorization_trigger("current_user.active?", :unrestricted) do
|
48
|
+
restricted_area "^/memers_only"
|
49
|
+
unrestricted_area "^/$"
|
50
|
+
end
|
51
|
+
|
52
|
+
In this example, if a user tries to access a path that isn't defined above, they will be
|
53
|
+
granted access due to the `:unrestricted` parameter.
|
54
|
+
|
55
|
+
### `restricted_area` and `unrestricted_area`
|
56
|
+
|
57
|
+
These methods tie a path to an authorization trigger. It must be called within an
|
58
|
+
[`authorization`](#authorization_trigger) block:
|
59
|
+
|
60
|
+
authorization_trigger("current_user.top_secret_clearance?") do
|
61
|
+
restricted_area %r{^/top/secret/path}
|
62
|
+
unrestricted_area %r{^/all_eyes}
|
63
|
+
end
|
64
|
+
|
65
|
+
The method argument can be either a `String` or a `Regexp`. If a `String`, it will be converted to a `Regexp`.
|
66
|
+
|
67
|
+
## The End
|
data/lib/area_51/version.rb
CHANGED