Authentication options get a lot of press these days, but there is another Auth that can still be a pain: Authorization. ACLatraz from Kriss Kowalik caught our eye because it’s inspired by *nix Access Control Lists (ACLs), powered by Redis, and has a sense of humor.
Install ACLatraz via Ruby gems
gem install aclatraz
and configure your Redis-based storage
Aclatraz.init :redis, "redis://localhost:6379/0"
Everyone is a
In keeping with the Alcatraz theme, actors in your authorization system are deemed
class Account < ActiveRecord::Base
ACLatraz supports global, class-related, and object-related roles:
# global admin role
@account.roles.assign(:admin) # or ...
# Page class-related role
@account.roles.assign(:responsible, Page) # or...
# object-related role for page 15
@account.roles.assign(:author, Page.find(15)) # or...
Once, assigned you can interrogate your suspects a couple of ways using
@account.roles.has?(:admin) # => true
@account.roles.has?(:responsible, Page) # => true
@account.roles.has?(:author, Page.find(15) # => true
… or the more natural semantic shortcuts:
@account.is_not.admin? # => false
@account.is_not.responsible_for?(Page) # => false
To enable access control on an object, include the
suspects :account do
deny all # notice that it's a method, not symbol
Check the README for even more features including custom actions, aliases, and class inheritance.
[Source on GitHub]