I am looking for a good role based authorization solution to use alongside Authlogic. Anyone have any good suggestions? Please list some pros and cons from your experience if possible please.
+4
A:
At RailsConf, I saw a lightning talk on Lockdown and was very impressed. Anyone with a modest amount of db and rails experience can roll their own ACL system, but Lockdown looks nice because it tries to keep the permission stuff out of the way.
http://lockdown.rubyforge.org/
I had used role_requirement previously but I didn't dig it.
Brian Hogan
2009-05-18 04:36:31
Lockdown looks good.
JasonOng
2009-05-19 04:02:52
really like it. but it should totally be called yarba (yet another role based authorization - from the description).
taelor
2009-05-21 22:43:40
totally =) oh yeah, about pros and cons, it's really simple to get going (the documentation makes it seem more difficult than it is). On thing that could be useful is a method to collect all the subjects for a given role. I requested for that feature but I don't know if the author put it in.
Jaryl
2009-05-22 02:50:45
more recent gem to do this:http://github.com/stffn/declarative_authorization
Jaryl
2010-03-23 05:23:28
+1
A:
Check out http://blog.platform45.com/2009/10/05/howto-basic-roles-for-users for basic role requirement, works with restful_authentication and authlogic..
It's really simple, fast and lightweight.
Ryan
2009-10-06 15:17:47
+1
A:
I have recently have been using a gem called easy_roles. Super light weight and super easy to use. It's also flexible enough for you to implement your own controller security etc etc.
Ryan
2009-11-17 09:12:44