Wednesday, September 3, 2008

webistrano_privileges: a Rails plugin for Webistrano

Webistrano is a widely used tool for automated deployment of Rails applications. It makes Rails people's life much easier. However, one of its most outstanding flaws is the lack for user-access control. All registered users can control all projects.

webistrano_privileges is a simple Rails plugin that I developed, introducing access control to Webistrano-1.3. After applying the plugin to your working webistrano project copy, and running two shell commands, Webistrano will be accomodating a simple access control scheme. Admins can manipulate all projects. Non-admins can manipulate only THEIR projects. Admins can add and remove users to projects.

What the plugin basically does is:
- it generates a migration for a many-to-many relation between users and projects.
- it generates a route and a controller for adding and removing users from projects
- it replaces some views to present the added functionality.
- it introduces some logic to secure unauthorized access to projects from non-related users.

You can get the plugin from its github page. After downloading, only two steps are required:

- run the generate command, accept whenever prompted for overwriting existing files:
ruby script/generate privileges_extensions

- migrate
rake db:migrate RAILS_ENV=production


AJ said...

Does this work with Webistrano 1.4?

Haitham Mohammad said...

Didn't test it on 1.4
You can go ahead and try it, and tell us if it worked :)

svdgraaf said...

Works in 1.5, it does give an error with the patches, but works anyway :)