Lockdown is a authentication/authorization system for RubyOnRails (ver 2.x).
Lockdown operates on the principal of restrict all access unless access has been defined. Another difference with Lockdown is that instead of your security rules being defined in your controllers (and therefore spread across your application), all access is controlled via lib/lockdown/init.rb. This where you will define the permissions and user groups that will define the access to your system. Yet another difference is the absence of Roles. Instead of roles, users can be associated to one or many user groups which allows for superb flexibility.
Lockdown also comes with a generator to give you a nice head start with your project. It provides models, views, controllers, helpers, routes and migrations.
There’s more to know (if you care to), but that’s what the wiki is for. What’s Changed:
- Added in fix from Michael MacDonald that corrected an issue with the generated user_groups edit.html.rb
- Updated lockdown to abide by config.active_record.timestamped_migrations introduced in Rails 2.1.1 No changes to the security engine were made. There is a wiki, forum and issue tracking for Lockdown at http://stonean.com