declarative_authorization 0.4
0 views
Skip to first unread message
Steffen Bartsch
Nov 15, 2009, 11:11:58 AM11/15/09
to declarative_...@googlegroups.com
Hi,
I'd like to announce the decl_auth 0.4 release. The updated gem is now
available from gemcutter. There are improvements of the DSL and controller
authorization. I collected details of the changes since 0.3 at
http://steffenbartsch.com/blog/2009/11/declarative_authorization-0-4/
Regards,
Steffen
I'd like to announce the decl_auth 0.4 release. The updated gem is now
available from gemcutter. There are improvements of the DSL and controller
authorization. I collected details of the changes since 0.3 at
http://steffenbartsch.com/blog/2009/11/declarative_authorization-0-4/
Regards,
Steffen
Mark Mansour
Nov 16, 2009, 3:41:34 AM11/16/09
to declarative_authorization
Congratulations Steffen and everyone else who've contributed!
What a great release.
What is v1.0 going to look like? What do you feel it is missing? A
v1.0 would be a great excuse to get some publicity for this fantastic
project. That said, I guess there is nothing stopping anyone
contacting the RailsEnvy/Rails5 podcasts and getting the word out.
Mark
What a great release.
What is v1.0 going to look like? What do you feel it is missing? A
v1.0 would be a great excuse to get some publicity for this fantastic
project. That said, I guess there is nothing stopping anyone
contacting the RailsEnvy/Rails5 podcasts and getting the word out.
Mark
tsechingho
Nov 16, 2009, 5:05:17 AM11/16/09
to declarative_authorization
I just update a project to 0.3.2.3 from 0.3.2.2 few days ago and found
some questions.
I am ready to ask in this discussion group and then you update to 0.4.
Good and wonderful.
This version really helpful for people like me having a private
fixation lib for rails STI issues.
Thanks.
some questions.
I am ready to ask in this discussion group and then you update to 0.4.
Good and wonderful.
This version really helpful for people like me having a private
fixation lib for rails STI issues.
Thanks.
Steffen Bartsch
Nov 16, 2009, 9:54:30 AM11/16/09
to declarative_...@googlegroups.com
Am Montag, 16. November 2009 schrieb Mark Mansour:
> What is v1.0 going to look like? What do you feel it is missing?
That's an interesting point. We should collect some opinions on what's
> What is v1.0 going to look like? What do you feel it is missing?
missing for a 1.0. My personal feeling is that there are a few rough edges
still. Some points on the list:
* Wildcard handling on authorization checks, e.g.
permitted_to?(:read, an_object, :dont_check => :status)
Up to now, you can only check by type (no attributes) or the complete
object.
* (Some) access control on the attribute level, but the implementation might
be very invasive.
* Custom conditions and find scopes as alternative to if_attribute rules.
A different perspective would be to emphasize the authorization developer
tools. Then, I'd say a 1.0 is still some time away. Here, we'd need DB rules
backend and a mature rules editing GUI.
Other opinions?
> That said, I guess there is nothing stopping anyone
> contacting the RailsEnvy/Rails5 podcasts and getting the word out.
haven't watched it yet.
Steffen
Andy Koch
Nov 16, 2009, 10:33:36 AM11/16/09
to declarative_authorization
* (Some) access control on the attribute level
+1
I think this is the one core feature DA is missing, however the rest
of DA is good enough to compensate for this.
Andy Koch
Nov 16, 2009, 11:09:44 AM11/16/09
to declarative_authorization
> Good timing:http://railscasts.com/episodes/188-declarative-authorization-- I
> haven't watched it yet.
>
> Steffen
Just watched the RailsCast - very nice, picked up some new things -
>
> Steffen
even though I've been using DA for at least a year now
curious though, he used the :guest role for a signed-in user - kind of
a base role
I've always used :guest for the non-authenticated and made my own base
role, usually something like ":authenticated"
have I been doing this wrong?
Reply all
Reply to author
Forward
0 new messages