permissions   4195

« earlier    

GitHub - rails-engine/role_core: A Rails engine providing essential industry of Role-based access control (formerly called rbac_core)
What's does the RoleCore do

The role model

The essence of RBAC is the role, despite your application, there are many possibilities: single-role, multi-roles, extendable-role and the role may associate to different kinds of resources (e.g: users and groups)

RoleCore provides a essential definition of Role, you have to add association to adapt to your application, for example:

single-role: adding one-to-many association between Role and User
multi-roles: adding many-to-many association between Role and User
extendable-role: adding a self-association to Role
polymorphic-asscociated-role: consider using polymorphic association technique
Although it's not out-of-box, but it will give you fully flexibility to suit your needs.

Permissions definition

RoleCore provides a DSL (which inspired by Redmine) that allows you define permissions for your application.

Empowered by virtual model technique, these permissions your defined can be persisted through serialization, and can be used with OO-style, for example: role.permissions.project.create?

There also support permission groups, and groups support nesting.

I18n is supported too.

In fact, the essence of permissions is Hash, keys are permissions, and values are booleans. so computing of permissions with many roles, can be understood as computing of Hashes.

Management UI

Building a management UI is difficult, but virtual model technique will translates permissions to a virtual model's (a class that conforms to ActiveModel) attributes, and groups will translates to nested virtual models, that means you can use all Rails view helpers including the mighty form builder, and can benefit to Strong Parameter.

The dummy app shows that rendering a permission list only about 20 lines.

If your application is API-only, you can simply dumping the role's permissions to JSON, and can still be benefit to StrongParameter.

Checking permission

RoleCore DOES NOT handle the authentication or authorization directly, you have to integrate with CanCanCan, Pundit or other solutions by yourself.

RoleCore can be working with CanCanCan, Pundit easily and happily.
authorization  permissions  Security  RubyOnRails 
6 hours ago by cnk
Duke ScholarWorks: Scholarly Communications Toolkit
Scroll to "Model letter requesting copyright permission" for a great sample permission letter when you need permission from a copyright owner for using their work.
copyright  permissions 
17 days ago by librarianchase
NSPersistentDocument: *** Assertion failure in -[NSVBSavePanel viewWillInvalidate:] — Mac Lovin'
By default the sandbox disallows user file writing, so file access must be set to "read/ write".
swift  xcode  sandbox  permissions  nssavepanel 
19 days ago by emorydunn
An unopinionated authentication library for building Node.js APIs.
node  permissions 
29 days ago by linuslundahl

« earlier    

related tags

2010  365  access  account  accounts  acl  active  active_directory  admin  adsi  advanced  against  agent  agile  amazon  android  angular  apache  app  appdesign  apple  apps  art  auth  authentication  authorization  aws  boards  breach  browser  bucket  by:grigs  calculator  cambridgeanalytica  certificate  chmod  client  cloud-formation  code  command  communication  consent  control  copyright  coult  craftcms  create  cups  cwrsync  d8  database  dataprotection  db  dba  default  delay  delete  denied  design  developer  development  deviant_art  device  directory  disk  docs  drupal  education  evans  examples  excel  exchange  external  facebook  facebookgraphapi  facebookmessenger  file  files  filesystem  filter  find  folder  folders  freenas  ftc  github  go  grant  granular  graph  graphql  group  groups  gsr  gui  guide  hancockmatt  highsierra  howto  https  ico  id  impersonation  infosec  inheriable  inheritance  install  ios  item  jira  koganaleksandr  laravel  levels  linux  loadrunner  location  log  logging  mac  macos  macosx  maybesolution  misuse  mitm  mobile  modern  moral_rights  mssql  muo  mysql  neo4j  ngif  nintex  node  node_access  nodejs  not  nothanksapple  npm  nssavepanel  ntfs  office  office2016  office365  office_365  omeka-s  online  only  osx  outlook  ownership  parakilassandy  pentest  performance  personaldata  pip  pnp  policy  politics  powerpoint  powershell  prerequisites  printing  privacy  protections  ptrace  python  rbac  rdf  react  rebuild  regulation  repair  restrict  restrictions  role  roles  rsync  rsyslog  rubyonrails  s3  sample  sandbox  security  server  service  settings  setup  share  sharepoint  sharing  shells  sierra  sig  site  smartphones  socialgraph  socialmedia  software  specific  sql  ssdt  ssh  ssl  stackoverflow  sticky-bit  sudo  surveillance  surveillancecapitalism  swift  sync  sysadmin  syslog  team_sites  terminal  token  tomcat  tools  tos  tracking  troubleshooting  tty  tutorial  ubuntu  uk  umbraco  undocumentedshit  unified_groups  unix  update  usa  usage  use  user-management  user  usermanagement  users  ux  veeam  web  webdesign  webvsnative  win  windows  with  word  xcode  zuckerbergmark 

Copy this bookmark: