Action Policy
typed_params
Our great sponsors
Action Policy | typed_params | |
---|---|---|
10 | 8 | |
1,333 | 104 | |
- | 1.0% | |
5.7 | 8.3 | |
9 days ago | 4 months ago | |
Ruby | Ruby | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Action Policy
-
Using Action Policy for a Ruby on Rails App: The Basics
Action Policy is a flexible, extensible, and performant authorization framework for Ruby and Rails apps. It uses multiple caching strategies out of the box, making it very fast, especially if your authorization rules require database queries.
-
Pundit VS Action Policy - a user suggested alternative
2 projects | 2 Jul 2023
Action Policy is the latest Authorization framework I've seen recommended. What is more, it is maintained by the nice and experienced team from Evil Martians.
-
GitHub - keygen/api: an open, source-available software licensing and distribution API built with Ruby on Rails
Lots of goodies here, such as token authentication, role- and permission-based authorization (including a move from Pundit to ActionPolicy), and how I test the API end-to-end using *raises flame shield* Cucumber.
- Authentication, Roles, and Authorization... oh my.
-
Five Ruby Gems for Authentication and Authorization
Also, ActionPolicy is better than Pundit for most applications. Give it a try.
-
Concerns about authorization when going in production
Use Action Policy or Pundit, and write tests for your policies. Authz is worth testing with near complete coverage.
- Service Objects (with dry-monads) and authorization
-
Access control gem for your Rails application (the 2nd)
You may ask what's makes Active Entry better or different from other gems like Pundit, Action Policy (especially), or CanCanCan.
-
Rails: How to Reduce Friction at the Authorization Layer
At work, we've recently faced similar issues and moved to ActionPolicy as a result. It's designed slightly differently, but there is a lot of overlap with what John came up with.
typed_params
-
"Useless Ruby sugar": Pattern matching (Pt. 1)
I don't have an Elixir background, but I absolutely utilize pattern matching in my Ruby code bases:
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
- https://github.com/keygen-sh/keygen-api/blob/master/app/migr...
- https://github.com/keygen-sh/keygen-api/blob/36cd61db143cc1c...
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
I love it. I want even more pattern matching too, like with defp: https://bugs.ruby-lang.org/issues/19764.
-
Show HN: Typed_params – An alternative to Rails strong_parameters
It's possible via a custom validation. I just added a test for that to showcase how: https://github.com/keygen-sh/typed_params/commit/5d2c91a484f...
-
GitHub - keygen/api: an open, source-available software licensing and distribution API built with Ruby on Rails
typed_params
- Show HN: typed_params – structured and typed parameters for Rails controllers
- GitHub - keygen-sh/typed_params: Define structured and strongly-typed parameter schemas for your Rails controllers
What are some alternatives?
Pundit - Minimal authorization through OO design and pure Ruby classes
ruby-next - Ruby Next makes modern Ruby code run in older versions and alternative implementations
CanCanCan - The authorization Gem for Ruby on Rails.
keygen-api - Keygen is an open, source-available software licensing and distribution API built with Ruby on Rails. For developers, by developers.
rolify - Role management library with resource scoping
rails_param - Parameter Validation & Type Coercion for Rails
jay_doubleu_tee - A JWT authorization middleware for any web application.
request_migrations - Write request and response migrations for Stripe-like versioning of your Ruby on Rails API. Make breaking changes without breaking things!
AccessGranted - Multi-role and whitelist based authorization gem for Rails (and not only Rails!)
Declarative Authorization - An unmaintained authorization plugin for Rails. Please fork to support current versions of Rails
Trust - Authorization mechanisms for Rails
RoleCore - 🔐A Rails engine providing essential industry of Role-based access control.