rbac.cr
rbac.cr provides simple role based access control for crystal programs
Installation
Add to your shard.yml
dependencies:
rbac.cr:
github: tpei/rbac.cr
branch: master
and then install the library into your project with
$ crystal deps
Usage
rbac.cr come with two basic modules
Rbac::Resource
: for which access is requiredRbac::Accessor
: for instances that can be given access to resources
Consider the following simple example:
# a DataStore that has different access levels
class DataStore
include Rbac::Resource
end
# a User that can also have different access levels
class User
include Rbac::Accessor
end
# create a DataStore and add access levels
ds = DataStore.new
ds.has_roles :add, :edit, :delete
ds.roles # => [:add, :edit, :delete]
ds.has_role? :add # => true
ds.has_role? :read # => false
# create users with different access levels
admin = User.new
admin.has_roles ds.roles
author = User.new
author.has_roles :add, :edit
editor = User.new
editor.has_roles :edit
impotent = User.new
impotent.has_roles :read
# now you can simply check if a user has any of the resource rights
ds.authorized? author # => true
ds.authorized? impotent # => false
# and you can also check if a user has a specific resource right
ds.authorized?(admin, :add, :delete) # => true
# may is a shorthand for the `authorized?(Roleable, *Symbol)` method
ds.may?(editor, :add) # => false
You can also define default roles per model by adding the has_roles
call to the initializer:
class UserWithDefaultRoles
include Rbac::Accessor
def initialize
has_roles :add
end
end
# every instance now has this roles
u = UserWithDefaultRoles.new
u.roles # => [:add]
# roles can of course still be extended for class instances
u.has_roles :edit, :delete
u.roles # => [:add, :edit, :delete]
Contributing
- Fork it ( https://github.com/tpei/rbac/fork )
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request
Contributors
- tpei TPei - creator, maintainer