RubygemsResearch

Sha256: a4493ae2e146a282313c952f6637a9988b6fb3050957639cf38b1ffaeb3ded0d

Contents?: true

Size: 1.54 KB

Versions: 19

Compression:

Stored size: 1.54 KB

# Access Control

_ActiveElement_ provides a comprehensive authorization model for restricting access to all parts of your application based on a simple permissions system.

_ActiveElement_ does not enforce any particular authentication framework and works out of the box with [Devise](https://github.com/heartcombo/devise).

There are no restrictions on how you choose to implement your application's authentication system, but if you wish to use _ActiveElement's_ authorization model the following two methods must be defined:

* An authenticator that will render or redirect on authentication failure, e.g. _Devise's_ `authenticate_user!`.
* A user accessor that provides a user object, e.g. _Devise's_ `current_user`. The user object must respond to a `#permissions` method which returns an array of strings such as `['can_list_users']`.

A typical setup would look like this:

```ruby
# app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  prepend_before_action :configure_authentication

  private

  def configure_authentication
    active_element.authenticate_with { authenticate_user! }
    active_element.authorize_with { current_user }
  end
end
```

_ActiveElement_ does not require authentication/authorization to be implemented and works either without any authentication at all or with your own custom authentication stack.

See the [Authentication](access-control/authentication.html) and [Authorization](access-control/authorization.html) for more details on the benefits of using the provided authorization features.

Version data entries

19 entries across 19 versions & 1 rubygems

Version	Path
active_element-0.0.31	rspec-documentation/pages/020-Access Control.md
active_element-0.0.30	rspec-documentation/pages/020-Access Control.md
active_element-0.0.29	rspec-documentation/pages/020-Access Control.md
active_element-0.0.28	rspec-documentation/pages/020-Access Control.md
active_element-0.0.27	rspec-documentation/pages/020-Access Control.md
active_element-0.0.26	rspec-documentation/pages/020-Access Control.md
active_element-0.0.24	rspec-documentation/pages/020-Access Control.md
active_element-0.0.23	rspec-documentation/pages/020-Access Control.md
active_element-0.0.22	rspec-documentation/pages/020-Access Control.md
active_element-0.0.21	rspec-documentation/pages/020-Access Control.md
active_element-0.0.19	rspec-documentation/pages/020-Access Control.md
active_element-0.0.18	rspec-documentation/pages/020-Access Control.md
active_element-0.0.17	rspec-documentation/pages/020-Access Control.md
active_element-0.0.16	rspec-documentation/pages/020-Access Control.md
active_element-0.0.15	rspec-documentation/pages/020-Access Control.md
active_element-0.0.14	rspec-documentation/pages/020-Access Control.md
active_element-0.0.13	rspec-documentation/pages/020-Access Control.md
active_element-0.0.12	rspec-documentation/pages/020-Access Control.md
active_element-0.0.11	rspec-documentation/pages/020-Access Control.md