Good morning.
Our application has grown to the point where a more robust authorization system is needed. What Rails plugins or Ruby gems do you recommend?
Our needs include:
- defining multiple user roles which can use parts of the application in different ways - easy maintenance (preferably no generators or systems requiring manual code updating after initial install)
We are already using authlogic for authentication.
Thanks.
Evan
Hello Evan,
I've posted a similar question few days ago ( http://groups.google.com/group/rubyonrails-talk/t/813041902727d8e0?hl=en ). Unfortunately there weren't any answers yet. So, by now I recommend you to take a look at the "rails-authorization-plugin" from Writertopia ( writertopia ), it can can supply your needs for sure.
Last but not least, I also suggest you to keep looking at Ben Johnson's site where recently has been posted some exciting news about the future of Authlogic (http://www.binarylogic.com/2009/2/25/the- future-of-authlogic-add-ons). There you'll see something about the add- on nr. 5. Maybe you can wait for its release. I confess I'm looking forward to it.
Regards,
Adriano
Adriano,
Thanks for pointing out your post. I'm looking at the Authorization plugin now.
After several more hours of research I've found a couple of resources that might help you, as well.
A good, comparative overview of lots of authorization plugins http://steffenbartsch.com/blog/2008/08/rails-authorization-plugins/
Declarative Authorization plugin – well-designed authorization system that abstracts authorization declarations from application code http://github.com/stffn/declarative_authorization/tree
Evan
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks