Action Policy VS request_migrations

Action Policy is a flexible, extensible, and performant authorization framework for Ruby and Rails apps. It uses multiple caching strategies out of the box, making it very fast, especially if your authorization rules require database queries.

Action Policy is the latest Authorization framework I've seen recommended. What is more, it is maintained by the nice and experienced team from Evil Martians.

Lots of goodies here, such as token authentication, role- and permission-based authorization (including a move from Pundit to ActionPolicy), and how I test the API end-to-end using *raises flame shield* Cucumber.

Also, ActionPolicy is better than Pundit for most applications. Give it a try.

Use Action Policy or Pundit, and write tests for your policies. Authz is worth testing with near complete coverage.

You may ask what's makes Active Entry better or different from other gems like Pundit, Action Policy (especially), or CanCanCan.

At work, we've recently faced similar issues and moved to ActionPolicy as a result. It's designed slightly differently, but there is a lot of overlap with what John came up with.

request_migraitons

Hey all -- this is a story about REST API versioning and how, sometimes, you get things really (really) wrong. The post goes over what I did to dig myself out of a pretty bad hole, caused by a bad design choice. It also introduces a new gem I wrote, called request_migrations, which handles API version migrations for Rails apps [0].

[0]: https://github.com/keygen-sh/request_migrations