Skip to content

yogo/yogo-authz

Repository files navigation

Yogo - An Authentication and Authorization component of the Yogo Data Management Toolkit

DESCRIPTION

This a component of the Yogo Data Management Toolkit. It has been developed as a rails engine to keep the implementation separate from data management components. It provides authentication, with the help of Authlogic, and authorization for a rails application. Default controller, models, and views are provided with this component, but may be overwritten in a Rails app.

The goals of this component are to provide a flexible and customizable authentication and authorization system that is implemented separately from the main app. A minimal number of changes to a rails app are needed to fully utilize yogo-.

INSTALL

Due to apparent limitations in the way Rails loads engines, Yogo currently only works as a plugin.

The current recommended way to install this plugin is as a git submodule. This link shows a great example of how to install rails plugins as git submodules:

github.com/guides/using-git-submodules-to-track-plugins

This plugin/engine requires the following gems to be installed (many are the same as a yogo app):

Required Gems

  • authlogic

  • dm-core

  • rails_datamapper

  • dm-validations

  • dm-timestamps

  • dm-aggregates

  • dm-is-nested_set

  • dm-ar-finders

Optional Gems for LDAP support

  • ruby-net-ldap

  • authlogic_ldap

A class named ‘User’ needs to be created in RAILS_ROOT/app/models and the class needs to include the YogoUser module. Associations for your application can and any methods may be added to this model.

Example:

  require 'authlogic'
  class User
    include Yogo::YogoUser

    # An association with another model
    has n, :drops, :child_key => [ :user_id ]

    # A useful method
    def puts_moo
      puts 'moo'
    end
  end

In drop.rb
  class Drop
    include DataMapper::Resource

    property :id, Serial
    belongs_to :user, :model => 'User'
  end

This component provides other controllers, views, and models for managing users, groups, and permissions with sensible default permissions.

A rake task is provided to create the tables in the database and create a sysadmin user and password.

rake yogo:load_default_info

To use the authentication and authorization components, include Yogo::AuthenticatedSystem and Yogo::AuthorizationSystem in application_controller.rb

Example:

class ApplicationController < ActionController::Base
  include Yogo::AuthenticatedSystem
  include Yogo::AuthorizationSystem
end

These two modules add several methods to the controllers to help control access.

To require a logged in our logged out user: require_user :for => [:create, :new] login_required

require_no_user

To require a user with particular credentials:

authorize_group :sysadmin, :for => :create

Several new controllers and routes are added to the system.

user_session.rb is for authenticating users, and is available to non logged in users.

The remaining controllers require a user in the sysadmin group. They can be access through /users /requirements - For setting login requirements for controllers/actions /groups /groups/:id/permissions - for setting Authorization requirements for controllers/actions

LDAP Support can be added by editing ‘app/models/yogo_/user_session.rb’. In the future there will be a better way to enable ldap support.

RESOURCES

TODO

  • LDAP Support

  • Create a way to configure this plugin from the initializers.

  • Write more tests

  • Decide where to redirect when authorization fails

  • Develop a model permissions component

  • Clean up the views

  • Merge corresponding restful actions new/create edit/update

  • Refactor the naming of various items.

  • Add a password changing functionality.

  • Add email messages for when a user is created.

  • Add useful information to Yogo::Controller model, a description field for the controllers, etc.

LICENSE

This is the standard OSI approved MIT license.

Copyright © 2009 Montana State University

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages