Simple authorization for Rails 3 that allows the user to define the set of rules for a specific role

milare/turnstile

Turnstile is a simple authorization module. With turnstile you’ll be able to define rules for each role to access your controllers and views.

Roles, Rules and Privileges

You can define all roles, all rules and all privileges in the config file, placed in config/initializers/turnstile.rb.

Privileges

privilege :read do
  allows_to :show, :index
  denies_to :destroy, :create
end

privilege :manage do
  allows_to :create, :new
  allows_to :destroy
end

Rules to Roles

role :reader do
  can :read => :posts
  can :read => :comments
end

role :admin do
  inherits :reader
  can :manage => :posts
end

The Default Role

You need to set a role to be used when the current user has no role:

default_is :reader

An example config file can be found in config/initializers/turnstile.rb in this repo.
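The sample configuration above, modelled as a stand-alone Ruby script (an added example, not Turnstile's own code). The constant and method names are hypothetical, and the precedence rules are assumptions the README does not state: unlisted actions are denied, a role's own rules are checked before inherited ones, a deny beats an allow within one role, and an unknown role string falls back to the default.

```ruby
# Added illustration, not Turnstile's code. Assumed semantics (not stated in the README):
#   unlisted actions are denied; a role's own rules are checked before inherited
#   ones; within one role a deny beats an allow; unknown roles get the default.
PRIVILEGES = {
  read:   { allow: [:show, :index], deny: [:destroy, :create] },
  manage: { allow: [:create, :new, :destroy], deny: [] }
}.freeze

ROLES = {
  reader: { inherits: nil, can: { read: [:posts, :comments] } },
  admin:  { inherits: :reader, can: { manage: [:posts] } }
}.freeze

DEFAULT_ROLE = :reader # mirrors `default_is :reader`

# Map a user_role string (or nil) to a configured role, else the default.
def resolve_role(user_role)
  name = user_role.to_s.to_sym
  ROLES.key?(name) ? name : DEFAULT_ROLE
end

# Verdict of one role's own rules: :allow, :deny, or nil when it has no opinion.
def own_verdict(role, action, resource)
  verdicts = ROLES.fetch(role)[:can].map do |privilege, resources|
    next unless resources.include?(resource)
    rules = PRIVILEGES.fetch(privilege)
    if rules[:deny].include?(action) then :deny
    elsif rules[:allow].include?(action) then :allow
    end
  end.compact
  verdicts.include?(:deny) ? :deny : verdicts.first
end

# Walk from the role up its inheritance chain; the first opinion decides.
def allowed?(user_role, action, resource)
  role = resolve_role(user_role)
  while role
    verdict = own_verdict(role, action, resource)
    return verdict == :allow if verdict
    role = ROLES.fetch(role)[:inherits]
  end
  false # nobody in the chain mentioned this action: deny
end

# Policy matrix for review: every role against every action on a resource.
def matrix(resource, actions = [:index, :show, :new, :create, :destroy])
  ROLES.keys.to_h { |r| [r, actions.select { |a| allowed?(r, a, resource) }] }
end
```

In this model :admin gains :destroy on :posts only because its own :manage rule is consulted before the inherited :read rule that denies it. A matrix like this, asserted in a test against the real library, makes that kind of precedence explicit.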

The User Model

So far it is hardcoded, so you need a string column called

user_role

For example, using Active Record, in your migration, put:

t.string :user_role

or for Mongoid:

field :user_role

and be sure to have a method that returns the current user, named

current_user

Authorization makes more sense when used with authentication, and most authentication libs have a method called current_user that returns the current user. dah =/ So you probably won’t need to do that, but if you need to, Turnstile can also verify user permission through…

Thread.current['current_user'] = User...

So set it and have fun; otherwise, the default role will always be set.

Controllers

For each controller that you want to monitor, just call:

before_filter :verify_role_permissions!

Views

To access the current role in your views, use

current_role

Then for example, you can check its permissions with

current_role.is_allowed_to? :create, :posts

Demonstration

There is something that I call Blongoid !lol! in my repos. Blongoid is a blog prototype using Rails 3, Mongoid, Devise and Turnstile.

You can see some uses of Turnstile there.
