Yesterday we released the next major revision of our popular authorization solution Aegis.
Since the inception of Aegis in 2007, the way we write our Rails controllers has changed dramatically. We now use RESTful routes and slim down our controllers with resource_controller and modularity. We're getting more bang for each line of code. It was time for Aegis to catch up.
Aegis 2 lets you describe your permissions using resources, similar to your routes. Your permission resources can match those in your routes, but don't have to. Here is what your permission definitions can look like in Aegis 2:
```ruby
class Permissions < Aegis::Permissions
  role :user
  role :admin
  resources :projects do
    allow :everyone
  end
  resources :users do
    allow :admin
  end
end
```
You can protect all actions in a controller through an Aegis resource with a single line:
```ruby
class ProjectsController < ApplicationController
  permissions :projects
end
```
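To make the idea of one resource declaration covering every RESTful action concrete, here is a small stand-alone Ruby model, added as an illustration and not Aegis's own code. The `ToyPermissions` class, its `may?` method and its deny-by-default handling of missing roles, unknown resources and non-RESTful actions are assumptions of this example, not documented Aegis behaviour.

```ruby
# Toy model constructed for illustration; this is not Aegis or its internals.
class ToyPermissions
  RESTFUL_ACTIONS = %i[index show new create edit update destroy].freeze

  class << self
    def roles
      @roles ||= []
    end

    def rules
      @rules ||= {}
    end

    def role(name)
      roles << name
    end

    # One `resources` block covers all seven RESTful actions of the resource.
    def resources(name, &block)
      @current = name
      rules[name] = []
      instance_eval(&block)
    ensure
      @current = nil
    end

    # Reject typos in role names at definition time instead of at request time.
    def allow(*role_names)
      unknown = role_names - roles - [:everyone]
      raise ArgumentError, "unknown role(s): #{unknown.inspect}" unless unknown.empty?
      rules.fetch(@current).concat(role_names)
    end

    # Assumption of this model: anything not explicitly allowed is denied,
    # including a missing role, an undeclared resource or a non-RESTful action.
    def may?(role_name, action, resource)
      allowed = rules[resource]
      return false unless allowed && RESTFUL_ACTIONS.include?(action)
      return false unless roles.include?(role_name)
      allowed.include?(:everyone) || allowed.include?(role_name)
    end
  end
end

# The same definitions as in the post, on top of the toy base class.
class Permissions < ToyPermissions
  role :user
  role :admin
  resources(:projects) { allow :everyone }
  resources(:users) { allow :admin }
end
```

A controller filter built on this model would call `Permissions.may?(current_role, action_name.to_sym, :projects)` before every action and refuse the request on `false`.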
There are many more new features, including defining permissions for reading or writing actions and a way to check permissions when no user is signed in.
We also started an awesome documentation wiki for Aegis where you can find detailed information on many basic and advanced topics, including:
- Defining roles and basic permissions
- Checking permissions
- Giving your user model a role
- Defining permissions with resources
- Controller integration
- Giving default access to superusers
- Distinguishing between reading and writing actions
- Aliasing actions
- Checking permissions when no user is signed in
- Handling denied permissions in your controllers
- Changing behavior when a permission is undefined
There is also a migration guide for people who want to bring their Aegis 1 setup up to speed.