bodyguards provides a small DSL to create classes to manage the feature permissions in your project.
You create bodyguard classes by inheriting from Bodyguards::Base and registering rules for your feature names.
Bodyguards::Base methods
#permit_to(feature_name, &block)- Register a rule for the given feature name
- The block is evaluated in the scope of the given subject
- The result of the block evaluation is returned by
#permission_to?/#rejection_to?
#permit_all(&block)- Register a global rule that is evaluated before any feature-specific rule by
#permission_to?/#rejection_to?and stops any further evaluation on success
- Register a global rule that is evaluated before any feature-specific rule by
#permission_to?(feature_name, subject)- Evaluates the rule block registered for the given feature name in the scope of the given subject and returns the result
#rejection_to?(feature_name, subject)- Complement to
#permission_to?
- Complement to
#any_permission?(subject)- Returns the result of the first rule block evaluation with a truthy return value
You can create as many bodyguard classes as you want, e.g. corresponding to the available contexts of your project.
app/models/user.rb
class User
def admin?
[...]
end
def super_cool?
id == 1
end
endapp/bodyguards/application_bodyguard.rb
class AdminBodyguard < Bodyguards::Base
permit_to :show_dashboard { admin? }
permit_to :delete_users { admin? }
permit_all { super_cool? }
endapp/controllers/admin_controller.rb
class AdminController
def index
render template: 'public/system/403.html' unless AdminBodyguard.permission_to?(:show_dashboard, current_user)
end
endapp/layouts/application.html.erb
[...]
<%= link_to '/admin' if AdminBodyguard.any_permission?(current_user) %>
[...]- Add some rails-specific helpers, e.g. to auto-check permissions in controllers based on naming conventions
- Maybe put the rails-specific things into an extra gem 'bodyguards-rails'