Cerbos helps you super-charge your authorization implementation by writing context-aware access control policies for your application resources. Author access rules using an intuitive YAML configuration language, use your Git-ops infrastructure to test and deploy them, and make simple API requests to the Cerbos policy decision point (PDP) server to evaluate the policies and make dynamic access decisions.
The Cerbos Ruby SDK makes it easy to interact with the Cerbos PDP from your Ruby applications.
- Cerbos 0.16+
- Ruby 3.1+
Install the gem and add it to your application's Gemfile by running
$ bundle add cerbos
If you're not using Bundler to manage dependencies, install the gem by running
$ gem install cerbos
client = Cerbos::Client.new("localhost:3593", tls: false)
decision = client.check_resource(
principal: {
id: "user@example.com",
roles: ["USER"],
},
resource: {
kind: "document",
id: "1",
attr: {
owner: "author@example.com"
}
},
actions: ["view", "edit"]
)
decision.allow?("view") # => true
decision.allow?("edit") # => false
For more details, see the Client
documentation.