资源说明：Security-Layer for Rails-Application acts like a firewall.

= Tuersteher
Security-Layer for Rails-Application acts like a firewall.
It's check your URL's or Modells to have the rights for this.

== Install

  gem install tuersteher


== Usage

Create in your Rails-Application the rules-file "config/access_rules.rb"
(or copy the sample from samples-directory and modify)

Here is as small sample for "config/access_rules.rb"

  # Path-Acces-Rules
  path('/').grant.method(:get)
  path(:all).grant.role(:ADMIN)
  path('/user/lock').deny.role(:USER).role(:APPROVER)

  # Model-Acces-Rules
  model(Dashboard).grant.method(:view)

  model(Todo) do
    grant.method(:view)
    grant.method(:full_view).role(:ADMIN)
    grant.method(:update).role(:EDITOR).extension(:owned_by?) # calls Todo.owned_by?(current_user)
    grant-method(:delete).not.role(:ADMIN)
  end

Then extend your ApplicationController with:

  include Tuersteher::ControllerExtensions
  before_filter :check_access # methode is from Tuersteher::ControllerExtensions

Check if your authendicate-system has implemented the methods:

  * current_user
  * access_denied

and the current_user should have a method

  * has_role?(role)

If not, just implemen it (see samples/application_controller.rb)

== License

LGPL V3 (see license.txt)

联系我们：verysource_com

CopyRight © 2008-2022 verySource.Com All Rights reserved.　京ICP备17048824号-1　京公网安备：11010502034788