Permit - an authorization library for Phoenix, LiveView and Ecto

We’ve released Permit - a new open-source project at Curiosum aiming to make it easier to manage permission-based access control in Elixir applications, supporting Ecto, Phoenix and LiveView. Permit exposes a mostly plain-Elixir, DSL-free syntax to reduce developer confusion and avoid a steep learning curve.

Through Permit.Ecto, Permit is the first authorization library for Elixir to automatically convert authorization conditions to Ecto queries, as well as being the first to integrate seamlessly with Phoenix LiveView with Permit.Phoenix .

If you’re interested in securing your controllers and making resource loading and authorization easier, or you used to like cancancan popular with Rails developers, you might find Permit especially useful (it is very far from being a clone of anything, though). See README for usage examples.

Permit consists of three packages:


Feel free to contribute and enjoy the usage!


This looks like a really great library for those outside of the Ash ecosystem. Congratulations!

Not quite; Ash has had it’s SAT solving policy authorizer which automatically constrains read and write queries to PostgreSQL (as well as any other supported DataLayer) for several years now.


I’ve seen a similar feature in the LetMe library by @woylie , named “scoped queries” :grinning:

Very neat never the less!

We’ve taken a look at this some time ago, and it looks to me that scoped queries still require you to define Ecto queries manually - this is good from a specific standpoint, but the approach here is that most conditions should be convertible automatically.

1 Like

Thank you for pointing us to this, James.

This escaped our attention somehow, and looks to be tightly coupled with Ash altogether, but we’ll update the documentation and other descriptions to take it into account.

Thank you for contributing!

Would you mind to also write few words how it compares to Janus ?

I think you have a copypasta in your README, there are 2 functions called show/2

I wrote Janus :slight_smile:

On the surface, it looks like Permit and Janus are very similar! They both prefer plain Elixir and a single source of truth – the same authz rules are used for individual resources as well as scoped Ecto queries.

Permit seems much more feature-complete (Phoenix/LiveView integration) and has corporate backing, which makes it very attractive! I need to look at Permit more carefully, but I’d love to see if there’s anything novel in Janus that could be ported to Permit and potentially retire Janus if they’re as similar as I think they are.