Lockdown is a authentication/authorization system for RubyOnRails (ver 2.x).
operates on the principal of restrict all access unless access has been
defined. Another difference with Lockdown is that instead of your
security rules being defined in your controllers (and therefore spread
across your application), all access is controlled via
lib/lockdown/init.rb. This where you will define the permissions and
user groups that will define the access to your system. Yet another
difference is the absence of Roles. Instead of roles, users can be
associated to one or many user groups which allows for superb
Lockdown also comes with a generator to give you a nice head start
with your project. It provides models, views, controllers, helpers,
routes and migrations.
There’s more to know (if you care to), but that’s what the wiki is for.
- Added in fix from Michael MacDonald that corrected an issue with the generated user_groups edit.html.rb
- Updated lockdown to abide by config.active_record.timestamped_migrations introduced in Rails 2.1.1
No changes to the security engine were made.
There is a wiki, forum and issue tracking for Lockdown at http://stonean.com