Action Policy vs typed_params

Our great sponsors

InfluxDB - Power Real-Time Data Analytics at Scale

WorkOS - The modern identity platform for B2B SaaS

SaaSHub - Software Alternatives and Reviews

Our great sponsors

Action Policy		typed_params
	Project
10	Mentions	8
1,333	Stars	104
-	Growth	1.0%
5.7	Activity	8.3
9 days ago	Latest Commit	4 months ago
Ruby	Language	Ruby
MIT License	License	MIT License

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

Action Policy

Posts with mentions or reviews of Action Policy. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-10-11.

Using Action Policy for a Ruby on Rails App: The Basics
2 projects | dev.to | 11 Oct 2023

Action Policy is a flexible, extensible, and performant authorization framework for Ruby and Rails apps. It uses multiple caching strategies out of the box, making it very fast, especially if your authorization rules require database queries.
Pundit VS Action Policy - a user suggested alternative
2 projects | 2 Jul 2023

Action Policy is the latest Authorization framework I've seen recommended. What is more, it is maintained by the nice and experienced team from Evil Martians.
GitHub - keygen/api: an open, source-available software licensing and distribution API built with Ruby on Rails
5 projects | /r/rails | 22 Jun 2023

Lots of goodies here, such as token authentication, role- and permission-based authorization (including a move from Pundit to ActionPolicy), and how I test the API end-to-end using *raises flame shield* Cucumber.
Authentication, Roles, and Authorization... oh my.
6 projects | /r/rails | 26 Apr 2023
Five Ruby Gems for Authentication and Authorization
1 project | /r/ruby | 27 Oct 2022

Also, ActionPolicy is better than Pundit for most applications. Give it a try.
Concerns about authorization when going in production
2 projects | /r/rails | 16 Aug 2022

Use Action Policy or Pundit, and write tests for your policies. Authz is worth testing with near complete coverage.
Service Objects (with dry-monads) and authorization
1 project | /r/ruby | 5 Jun 2021
Access control gem for your Rails application (the 2nd)
4 projects | dev.to | 26 Apr 2021

You may ask what's makes Active Entry better or different from other gems like Pundit, Action Policy (especially), or CanCanCan.
Rails: How to Reduce Friction at the Authorization Layer
1 project | /r/ruby | 15 Mar 2021

At work, we've recently faced similar issues and moved to ActionPolicy as a result. It's designed slightly differently, but there is a lot of overlap with what John came up with.

typed_params

Posts with mentions or reviews of typed_params. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-10-20.

"Useless Ruby sugar": Pattern matching (Pt. 1)
3 projects | news.ycombinator.com | 20 Oct 2023

I don't have an Elixir background, but I absolutely utilize pattern matching in my Ruby code bases:
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
- https://github.com/keygen-sh/keygen-api/blob/master/app/migr...
- https://github.com/keygen-sh/keygen-api/blob/36cd61db143cc1c...
- https://github.com/keygen-sh/typed_params/blob/4e4982b7d2b26...
I love it. I want even more pattern matching too, like with defp: https://bugs.ruby-lang.org/issues/19764.
Show HN: Typed_params – An alternative to Rails strong_parameters
2 projects | news.ycombinator.com | 4 Jul 2023

It's possible via a custom validation. I just added a test for that to showcase how: https://github.com/keygen-sh/typed_params/commit/5d2c91a484f...
GitHub - keygen/api: an open, source-available software licensing and distribution API built with Ruby on Rails
5 projects | /r/rails | 22 Jun 2023

typed_params
Show HN: typed_params – structured and typed parameters for Rails controllers
2 projects | news.ycombinator.com | 7 Jun 2023
GitHub - keygen-sh/typed_params: Define structured and strongly-typed parameter schemas for your Rails controllers
1 project | /r/rubyonrails | 7 Jun 2023

1 project | /r/ruby | 7 Jun 2023

5 projects | /r/rails | 7 Jun 2023

What are some alternatives?

When comparing Action Policy and typed_params you can also consider the following projects:

Pundit - Minimal authorization through OO design and pure Ruby classes

ruby-next - Ruby Next makes modern Ruby code run in older versions and alternative implementations

CanCanCan - The authorization Gem for Ruby on Rails.

keygen-api - Keygen is an open, source-available software licensing and distribution API built with Ruby on Rails. For developers, by developers.

rolify - Role management library with resource scoping

rails_param - Parameter Validation & Type Coercion for Rails

jay_doubleu_tee - A JWT authorization middleware for any web application.

request_migrations - Write request and response migrations for Stripe-like versioning of your Ruby on Rails API. Make breaking changes without breaking things!

AccessGranted - Multi-role and whitelist based authorization gem for Rails (and not only Rails!)

Declarative Authorization - An unmaintained authorization plugin for Rails. Please fork to support current versions of Rails

Trust - Authorization mechanisms for Rails

RoleCore - 🔐A Rails engine providing essential industry of Role-based access control.