Yesterday we released the next major revision of our popular authorization solution Aegis.

Since the inception of Aegis in 2007, the way we write our Rails controllers has changed dramatically. We are now using RESTful routes and slim down controllers with resource_controller and modularity. We're getting more bang for each line of code. It was time for Aegis to catch up.

Aegis 2 lets you describe your permissions using resources, similiar to your routes. Your permission resources can match those in your routes, but don’t have to. Here is how your permission definitions can look like in Aegis 2:

class Permissions < Aegis::Permissions

  role :user
  role :admin

  resources :projects do
    allow :everyone
  end

  resources :users do
    allow :admin
  end

end

You can protect all actions in a controller through an Aegis resource with a single line:

class ProjectsController < ApplicationController
  permissions :projects
end

There are many more new features, including defining permissions for reading or writing actions and a way to check permissions when no user is signed in.

We also started an awesome documentation wiki for Aegis where you can find detailed information on many basic and advanced topics, including:

• Defining roles and basic permissions
• Checking permissions
• Giving your user model a role
• Defining permissions with resources
• Controller integration
• Giving default access to superusers
• Distinguishing between reading and writing actions
• Aliasing actions
• Checking permissions when no user is signed in
• Handling denied permissions in your controllers
• Changing behavior when a permission is undefined

There is also a migration guide for people who want to bring their Aegis 1 setup up to speed.