Hi,

I'm building an application which is going to require quite fine-grained access control. Deciding if a user is allowed to access an action will probably require checking quite a number of different rules, so a simple role-based system won't be flexible enough.

The approach I think I will try first is, if it's possible, to ignore permission issues inside the actions. I think this may be achievable by using quite a complicated before_filter to decide if the current user is allowed to execute this action with the given parameters.

Anyway, if anyone could lend a bit of their experience, or possibly even better, recommend some resources which cover building larger permissions systems (books, articles etc...) I'd be very grateful.

Thanks,
Jonathan.

-- Posted via http://www.ruby-forum.com/.
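A sketch of the centralized check described in the post above, as an added example that is not part of the original thread: plain Ruby with no Rails dependency, where the `Policy` class, the `authorize` helper, the "invoices" controller and the sample users are all hypothetical. Rules are evaluated against the user, the action and the request parameters in one place, as a single before_filter would do, and an action with no matching rule is denied.

```ruby
# Added example: a deny-by-default rule table consulted from one place,
# the way a single before_filter would consult it. All names are hypothetical.
User = Struct.new(:id, :roles, :department)

class Policy
  Rule = Struct.new(:controller, :action, :check)

  def initialize
    @rules = []
  end

  # Register a rule; the block receives the user and the request params.
  def allow(controller, action, &check)
    @rules << Rule.new(controller.to_s, action.to_s, check)
    self
  end

  # True only if at least one rule for this controller/action passes.
  # No matching rule means denied, so a new action stays closed until
  # someone writes a rule for it.
  def permitted?(user, controller, action, params = {})
    return false if user.nil?
    @rules.any? do |r|
      r.controller == controller.to_s && r.action == action.to_s &&
        r.check.call(user, params)
    end
  end
end

# Constructed sample policy for a hypothetical "invoices" controller.
POLICY = Policy.new
  .allow(:invoices, :show)    { |u, p| u.department == p[:department] }
  .allow(:invoices, :show)    { |u, _| u.roles.include?(:auditor) }
  .allow(:invoices, :destroy) { |u, p| u.roles.include?(:manager) && u.department == p[:department] }

# What the filter body would do: decide before the action runs.
def authorize(user, controller, action, params)
  POLICY.permitted?(user, controller, action, params) ? :continue : :forbidden
end

alice = User.new(1, [:manager], "sales")    # constructed sample users
bob   = User.new(2, [:auditor], "finance")
puts authorize(alice, :invoices, :destroy, { department: "sales" })
puts authorize(bob,   :invoices, :destroy, { department: "finance" })
```

Because the decision depends on the parameters as well as the role, the same user can be allowed on one record and refused on another without any permission logic inside the action itself.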
> Anyway, if anyone could recommend some resources which cover building larger permissions systems (books, articles etc...) I'd be very grateful.

Ditto.

I discovered what we are talking about is known as RBAC: Role-Based Access Control. There are several discussions at Sitepoint on the topic.

Regards

Tony Green

-- Posted via http://www.ruby-forum.com/.
AC Green wrote:
>> Anyway, if anyone could recommend some resources which cover building larger permissions systems (books, articles etc...) I'd be very grateful.
>
> Ditto.
>
> I discovered what we are talking about is known as RBAC: Role-Based
> Access Control. There are several discussions at Sitepoint on the topic.
>
> Regards
>
> Tony Green

Bruce Perens wrote an RBAC called ModelSecurity. It's available as a gem:

gem install model_security

Here's the site:

http://perens.com/FreeSoftware/ModelSecurity/Tutorial.html

b
Ack... a bit tired... that should be "gem install model_security_generator".

Ben Munat wrote:
> Bruce Perens wrote a RBAC called ModelSecurity. It's available as a gem:
>
> gem install model_security
>
AC Green wrote:
>> Anyway, if anyone could recommend some resources which cover building larger permissions systems (books, articles etc...) I'd be very grateful.
>
> I discovered what we are talking about is known as RBAC: Role-Based
> Access Control. There are several discussions at Sitepoint on the topic.

See https://activerbac.turingstudio.com/

It implements RBAC for Rails.

-- Jean-Christophe Michel