Rootstrap RBAC+
Role-based access control for Rootstrap projects.
RBAC+ restricts access based on a person's role within an organization and has become one of the main methods for advanced access control.
The roles in RBAC refer to the levels of access that users have in a platform.
The "+" stands for positive RBAC. We give access to specified resources, but no access is denied explicitly.
Finally, it contains a plug-and-play administration console (thanks to ActiveAdmin).
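The grant-only ("positive") model described above can be sketched as follows. This is an added example, not code from the RBAC+ repository; the PositivePolicy class and the role, resource and action names are hypothetical.

```ruby
# Added illustration of grant-only ("positive") RBAC; not code from this repo.
# Role, resource and action names below are constructed for the example.
require "set"

class PositivePolicy
  Grant = Struct.new(:resource, :action)

  def initialize
    @grants = Hash.new { |h, role| h[role] = Set.new }
  end

  # The only way to change the policy is to add a grant; there is no deny rule.
  def allow(role, resource, *actions)
    actions.each { |a| @grants[role.to_sym] << Grant.new(resource.to_sym, a.to_sym) }
    self
  end

  # Effective permissions are the union of the grants of every role held.
  # fetch (not []) is used so that looking up an unknown role creates nothing.
  def permissions_for(roles)
    Array(roles).reduce(Set.new) { |acc, r| acc | @grants.fetch(r.to_sym, Set.new) }
  end

  # Default deny: anything not explicitly granted is refused, including
  # unknown roles, resources and actions.
  def allowed?(roles, resource, action)
    permissions_for(roles).include?(Grant.new(resource.to_sym, action.to_sym))
  end
end

POLICY = PositivePolicy.new
  .allow(:viewer, :reports, :read)
  .allow(:editor, :reports, :read, :update)
  .allow(:admin,  :users,   :read, :create, :destroy)

if __FILE__ == $PROGRAM_NAME
  puts POLICY.allowed?(:viewer, :reports, :update)          # not granted
  puts POLICY.allowed?(%i[viewer admin], :users, :destroy)  # granted via admin
end
```

Because permissions are a union with no deny rule, holding an extra role can only widen access; narrowing a user's access means removing a grant or a role, so role assignments are what need review.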
How to use
- Clone this repo
- Install PostgreSQL in case you don't have it
- Create your database.yml and application.yml file
- Run bundle install
- Generate a secret key with rake secret and paste this value into the application.yml
- Run rails db:create db:migrate
- Run rspec and make sure all tests pass
- Run rails s
- You can now try your REST services!
How to use with docker
Api Docs
https://rsrbac.docs.apiary.io/
Code quality
With rake code_analysis you can run the code analysis tool. You can omit rules with:
- Rubocop: Edit .rubocop.yml
- Reek: Edit config.reek
- Rails Best Practices: Edit config/rails_best_practices.yml
- Brakeman: Run brakeman -I to generate config/brakeman.ignore
- Bullet: You can add exceptions to a bullet initializer or in the controller
Configuring Code Climate
- After adding the project to CC, go to Repo Settings
- On the Test Coverage tab, copy the Test Reporter ID
- Replace the current value of CC_TEST_REPORTER_ID in the config.yml file (.circleci/config.yml) with the one you copied from CC
Code Owners
You can use a CODEOWNERS file to define individuals or teams that are responsible for code in the repository.
Code owners are automatically requested for review when someone opens a pull request that modifies code that they own.
Credits
Rails Api Base is maintained by Rootstrap with the help of our contributors.