# role_on

Really Simple Roles

# Assumptions

I assume you have a model called User for your user authentication stuff.

# Usage

```ruby
config.gem 'darkhelmet-role_on', :lib => 'role_on', :source => 'http://gems.github.com'
```

Add

```ruby
# Remember the URI of the current request so the user can be sent back to it.
def store_location
  session[:return_to] = request.request_uri
end

# Redirect to the stored location (or the default) and clear it.
def redirect_back_or_default(default)
  redirect_to(session[:return_to] || default)
  session[:return_to] = nil
end

# Called when the current user lacks the required role.
def access_denied
  flash[:error] = 'You are not authorized to perform this action'
  redirect_back_or_default '/'
end
```

or similar to your application controller, and set up `store_location` as an `after_filter`, and all of them as helper methods

```ruby
after_filter :store_location
helper_method :store_location, :redirect_back_or_default, :access_denied
```

Include RoleOn in your application controller and User model

```ruby
include RoleOn
```

Generate model and migration

```
./script/generate role_on
```

Migrate

```
rake db:migrate
```

Do your own thing for managing roles.

Start locking down your controllers

```ruby
role_on(:admin, :on => [:new,:create,:destroy])
role_on(:regular, :only => [:edit,:update])
```

Add role checks to your views. These only control what is displayed; access is enforced by `role_on` in the controller.

```ruby
if current_user.has_role?(:admin)
  # do stuff
end
```

Can also use except

```ruby
role_on(:admin, :except => [:index,:show])
```

Can specify `:sa` to allow a 'superadmin' to gain access even if they don't have the specific role

```ruby
role_on(:foo_admin, :sa => :super_admin)
```

In that case, users who have either the `:foo_admin` or the `:super_admin` role will have access.

You can also define a `role_on_defaults` method on things to define default arguments.

In application_controller:

```ruby
def role_on_defaults
  { :sa => :my_sa_role }
end
```

In all sub controllers, `:my_sa_role` will be the value of `:sa`. This can be overridden.

# License

See LICENSE for details.
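
The `:only`, `:except`, `:sa` and `role_on_defaults` options described under Usage, modelled as an added stand-alone example (not the role_on gem's code) that shows which actions each style of rule leaves unguarded. Assumptions: the `RoleOnModel` module and its methods are hypothetical, a rule with neither `:only` nor `:except` guards every action, and multiple rules on one controller must all pass.

```ruby
# Added illustration: a stand-alone model of the option semantics described
# in this README. It is NOT the gem's implementation; all names are hypothetical.
module RoleOnModel
  # Does a rule guard this action? :only lists the guarded actions, :except
  # lists the unguarded ones; a rule with neither is assumed to guard all.
  def self.guards?(rule, action)
    return rule[:only].include?(action) if rule[:only]
    return !rule[:except].include?(action) if rule[:except]
    true
  end

  # Merge controller-wide defaults (role_on_defaults) under the per-call
  # options, so an explicit :sa on a role_on call overrides the default.
  def self.rule(role, opts = {}, defaults = {})
    defaults.merge(opts).merge(:role => role)
  end

  # An action is allowed when every rule guarding it is satisfied by the
  # named role or by that rule's :sa (superadmin) role.
  def self.allowed?(rules, user_roles, action)
    rules.select { |r| guards?(r, action) }.all? do |r|
      user_roles.include?(r[:role]) || (r[:sa] && user_roles.include?(r[:sa]))
    end
  end

  # Actions no rule guards: any user who reaches the controller can call them.
  def self.unguarded(rules, actions)
    actions.reject { |a| rules.any? { |r| guards?(r, a) } }
  end
end

ACTIONS  = [:index, :show, :new, :create, :edit, :update, :destroy]
DEFAULTS = { :sa => :my_sa_role } # what role_on_defaults returns in the README

# Allowlist style (:only): actions added later are open until someone lists them.
ALLOWLIST = [RoleOnModel.rule(:regular, { :only => [:edit, :update] }, DEFAULTS)]
# Deny-by-default style (:except): only the named actions are open.
DENY_BY_DEFAULT = [RoleOnModel.rule(:admin, { :except => [:index, :show] }, DEFAULTS)]

if __FILE__ == $PROGRAM_NAME
  puts "unguarded with :only   => #{RoleOnModel.unguarded(ALLOWLIST, ACTIONS).inspect}"
  puts "unguarded with :except => #{RoleOnModel.unguarded(DENY_BY_DEFAULT, ACTIONS).inspect}"
end
```

Listing the unguarded actions per controller this way is a quick review check: with `:only`, `:destroy` stays open unless it is listed, while `:except` leaves open only what is named.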