vincentvanbush

vincentvanbush

Permit - an authorization library for Phoenix, LiveView and Ecto

Hello!
We’ve released Permit - a new open-source project at Curiosum aiming to make it easier to manage permission-based access control in Elixir applications, supporting Ecto, Phoenix and LiveView. Permit exposes a mostly plain-Elixir, DSL-free syntax to reduce developer confusion and avoid a steep learning curve.

Through Permit.Ecto, Permit is the first authorization library for Elixir to automatically convert authorization conditions to Ecto queries, as well as being the first to integrate seamlessly with Phoenix LiveView with Permit.Phoenix .

If you’re interested in securing your controllers and making resource loading and authorization easier, or you used to like cancancan popular with Rails developers, you might find Permit especially useful (it is very far from being a clone of anything, though). See README for usage examples.

Permit consists of three packages:

Links:

Feel free to contribute and enjoy the usage!

Most Liked

zachallaun

zachallaun

I wrote Janus :slight_smile:

On the surface, it looks like Permit and Janus are very similar! They both prefer plain Elixir and a single source of truth – the same authz rules are used for individual resources as well as scoped Ecto queries.

Permit seems much more feature-complete (Phoenix/LiveView integration) and has corporate backing, which makes it very attractive! I need to look at Permit more carefully, but I’d love to see if there’s anything novel in Janus that could be ported to Permit and potentially retire Janus if they’re as similar as I think they are.

jimsynz

jimsynz

Ash Core Team

This looks like a really great library for those outside of the Ash ecosystem. Congratulations!

Not quite; Ash has had it’s SAT solving policy authorizer which automatically constrains read and write queries to PostgreSQL (as well as any other supported DataLayer) for several years now.

vincentvanbush

vincentvanbush

Hey!
I apologize for my lack of responses here for the past year - the good news is that there are much more resources dedicated to developing the library actively now; long story short, I’ll be more actively responding to any issues arising. @ketupia , thank you for your comment - I will check it out and let you know.

Recently, we’ve updated the libraries with several additions as well as creating the Permit.Absinthe proof-of-concept to add Permit-based authorization into GraphQL APIs.

Most notably, we’ve added Phoenix LiveView v1.0 and Streams support, and added a more convenient way to check permissions for dynamically given action names.

Changelogs:

https://github.com/curiosum-dev/permit/blob/master/CHANGELOG.md
https://github.com/curiosum-dev/permit_ecto/blob/master/CHANGELOG.md
https://github.com/curiosum-dev/permit_phoenix/blob/master/CHANGELOG.md

Read more: Permit Updates: Phoenix LiveView 1.0 and Absinthe Integration | Curiosum

Where Next?

Popular in Announcing Top

ityonemo
Currently just starting out on a new mini-project - getting zig NIFs to run in elixir. https://github.com/ityonemo/zigler The idea here...
New
ostinelli
Let’s write a database! Well not really, but I think it’s a little sad that there doesn’t seem to be a simple in-memory distributed KV da...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New
oltarasenko
Dear Elixir community, After a year of development, bug fixes, and improvements, we are proudly ready to share the release of Crawly 0.1...
New
Crowdhailer
Experimenting with this code. OK.try do user <- fetch_user(1) cart <- fetch_cart(1) order = checkout(cart, user) save_orde...
New
cjen07
parameterized pipe in elixir: |n> edit: negative index in |n> and mixed usage with |> are supported example: use ParamPipe ...
New
Jskalc
Hi! Today, after a couple weeks of development I’ve released v0.1 of LiveVue. It’s a seamless integration of Vue and Phoenix LiveView, i...
New
josevalim
Hello everyone, We have just released NimbleCSV which is a small and fast CSV parsing library for Elixir. It allows developers to define...
New
woylie
I released Doggo, a collection of unstyled Phoenix components. https://github.com/woylie/doggo Features Unstyled Phoenix components....
New
markmark206
simple_feature_flags is a tiny package that lets you turn features on or off based on which environment (e.g. localhost, staging, product...
New

Other popular topics Top

Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
chrismccord
As promised, the first release candidate of Phoenix 1.3.0 is out! This release focuses on code generators with improved project structure...
New
electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
jononomo
I am trying to figure out how Mix knows whether the environment is test, dev, or prod – where is this set? Thanks.
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
Qqwy
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum. ...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New

Latest on Elixir Forum

We're in Beta

About us Mission Statement