Grant is a Ruby gem and Rails plugin that forces you to make explicit security decisions about the operations performed on your ActiveRecord models. It provides a declarative way to specify rules granting permission to perform CRUD operations on ActiveRecord objects. This presentation covers the basic usage of Grant, highlighting a few of the features that make it different from other solutions available.
2. Leveraging Ruby’s Open
Classes and
Metaprogramming
Capabilities, Combined with
Active Record Features to
Develop a Security Plugin for
Ruby on Rails
Jeff Kunkle
3. class EmployeesController < ApplicationController
before_filter :authorize, :if => :update
def list
@employees = Employee.all
end
def update
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
end
4. class EmployeesController < ApplicationController
def list
@employees = Employee.all
end
def update
if user.has_role?(:manager)
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
class EmployeesController <end
ApplicationController
before_filter :authorize, :if => :update
end
def list
@employees = Employee.all
end
def update
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
end
11. class EmployeesController < ApplicationController
def list
@employees = Employee.all
end
def update
if user.has_role?(:manager)
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
end
end
12. class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:update) { |user, model| user.has_role?(:manager) }
end
13. class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:update) { |user, model| user.has_role?(:manager) }
end
class EmployeesController < ApplicationController
def list
@employees = Employee.all
end
def update
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
end
15. Quiz
class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:update) { |user, model| user.has_role?(:manager) }
end
16. Quiz
class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:update) { |user, model| user.has_role?(:manager) }
end
class User < ActiveRecord::Base
def has_role?(role)
[:employee, :manager].include?(role)
end
end
17. Quiz
class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:update) { |user, model| user.has_role?(:manager) }
end
class User < ActiveRecord::Base
def has_role?(role)
[:employee, :manager].include?(role)
end
end
class EmployeesController < ApplicationController
?
def update
emp = Employee.find params[:id]
emp.update_attributes params[:employee]
end
end
18. Grant::ModelSecurityError: find permission not
granted to User:7 for resource Employee:25
from /Users/jkunkle/project/vendor/plugins/grant/
lib/grant/model_security_manager.rb:75:in
`permission_not_granted'
from /Users/jkunkle/project/vendor/plugins/grant/
lib/grant/model_security_manager.rb:60:in
`apply_security'
from /Users/jkunkle/project/vendor/plugins/grant/
lib/grant/model_security_manager.rb:44:in
`after_find'
19. Grant is all or nothing
class Employee < ActiveRecord::Base
include Grant::ModelSecurity
grant(:find)
grant(:destroy) { |user, model| user.has_role?(:admin) }
grant(:update, :create) do |user, model|
user.has_role?(:manager)
end
end
20. ... associations too
class Employee < ActiveRecord::Base
include Grant::ModelSecurity
has_many :reviews
grant(:find)
grant(:destroy) { |user, model| user.has_role?(:admin) }
grant(:update, :create) do |user, model|
user.has_role?(:manager)
end
grant(:add => :reviews, :remove => :reviews) do |user, model|
user.has_role?(:manager)
end
end
21. How does it work?
Hook methods
Dynamic Methods
Active Record Callbacks
Around Aliases