I am looking for a good role based authorization solution to use alongside Authlogic. Anyone have any good suggestions? Please list some pros and cons from your experience if possible please.
-
At RailsConf, I saw a lightning talk on Lockdown and was very impressed. Anyone with a modest amount of db and rails experience can roll their own ACL system, but Lockdown looks nice because it tries to keep the permission stuff out of the way.
http://lockdown.rubyforge.org/
I had used role_requirement previously but I didn't dig it.
JasonOng : Lockdown looks good. -
Acl9 works great with AuthLogic:
http://github.com/be9/acl9/tree/master
taelor : really like it. but it should totally be called yarba (yet another role based authorization - from the description).Jaryl : totally =) oh yeah, about pros and cons, it's really simple to get going (the documentation makes it seem more difficult than it is). On thing that could be useful is a method to collect all the subjects for a given role. I requested for that feature but I don't know if the author put it in.Jaryl : more recent gem to do this: http://github.com/stffn/declarative_authorization -
Check out http://blog.platform45.com/2009/10/05/howto-basic-roles-for-users for basic role requirement, works with restful_authentication and authlogic..
It's really simple, fast and lightweight.
Nathan Hurst : link no longer works -
I have recently have been using a gem called easy_roles. Super light weight and super easy to use. It's also flexible enough for you to implement your own controller security etc etc.
0 comments:
Post a Comment