ActiveAcl is a ruby on rails plugin, providing an unintrusive, scalable and very flexible approach to fine grained access control.  

Acl stands for access control lists.

News

November 28th, 2006: ActiveAcl 0.2.0 is out!

This adds needed API changes, migration support and some bugfixes. Expect 0.2.2 to be out this week, featuring generator support. Generators are already done but not tested yet. I decided to release 0.2.0 anyway for making the updates available as early as possible.

Features

  • ease of use - very comprehensible API, uses polymorphic collections for associations.
  • advanced design - uses SQL nested sets for inheritance, thus only needs a single DB query to decide on a permission request.
  • scalable - there are no real benchmarks yet. But the system design is based on phpgacl.sourceforge.net, adding object orientation, polymorphism and two levels of caching. PhpGacl claims "A real-world working version with many added layers of complexity supports over 60,000 Accounts, 200 Groups and 300 ACO’s." Tests on my dev notebook show 10 - 30 times performance improvements compared to active_rbac.
  • caching - uses instance caching and optionally stores permission results in memcached using timeouts.
  • very flexible - grants simple (2D, like current_user.has_permission?(User::LOGIN)) and object level (3D, like admin.has_permission?(Forum::ADMIN, :on => team_forum)) permissions. Can assign and request permissions to and from every ActiveRecord model. No "hardcoded" permissions - all permissions can be assigned at runtime.
  • grouping - permissions are inherited at target and requester side through groups. Every model implementing an SQL nested set tree using for example acts_as_nested_set may be used as a group.
  • ControllerAction model loader: It maps controller actions to the DB so they can be used in permission assignment. The access object is available via calling current_action on the controller.
  • exchangeable DB interface: ActiveRecord and direct MySQL adapter available
  • supports namespaced models and single table inheritance (STI)
  • around 100 % C0 code coverage on unit tests.

Changelog

Current version is 0.2.1 - the changelog can be viewed at CHANGELOG.

License

ActiveAcl is released under the LGPL (Gnu Lesser General Public License).