eSpace Blog RSS
04Sep

webistrano_privileges: a Rails plugin for Webistrano

0

Webistrano is a widely used tool for automated deployment of Rails applications. It makes Rails people's life much easier. However, one of its most outstanding flaws is the lack of user-access control. In webistrano all registered users can control all projects, which makes it inconvenient in multiple projects development environments.

webistrano_privileges is a simple Rails plugin that was developed in eSpace, introducing access control to Webistrano-1.3. After applying the plugin to your working webistrano project copy, and running two shell commands, Webistrano will be accomodating a simple access control scheme. Admins can manipulate all projects. Non-admins can manipulate only THEIR projects. Admins can add and remove users to projects.
What the plugin basically does is:
- it generates a migration for a many-to-many relation between users and projects.
- it generates a route and a controller for adding and removing users from projects
- it replaces some views to present the added functionality.
- it introduces some logic to secure unauthorized access to projects from non-related users.
You can get the plugin from its github page. After downloading, only two steps are required:
- run the generate command, accept whenever prompted for overwriting existing files:

ruby script/generate privileges_extensions

- migrate

rake db:migrate RAILS_ENV=production


More details on this eSpace modules page.

Written By:

Haitham Mohammad (e-haitham.blogspot.com)

 

Post a Comment

eSpace podcast Prodcast

RSS iTunes

Archive

Latest Comments