Introducing Permit: An Authorization Library for Elixir - Michał Buszkiewicz - Elixir Meetup #8

Permit is a new authorization library for Elixir designed to simplify and unify authorization processes. In this session, Michał shared the progress made on Permit, detailed its current status, and discussed future plans for the library.

    About Michał Buszkiewicz

    Michał Buszkiewicz is an expert in Elixir and the Phoenix Framework with a background in Ruby on Rails. As the co-founder and CEO of Curiosum, Michał is passionate about developing efficient solutions and training junior Elixir developers.

    The Need for Permit

    Why Create a New Authorization Library?

    Michał began by explaining the motivation behind creating Permit. He highlighted the limitations of existing authorization solutions in the Elixir ecosystem and the need for a more flexible and powerful library.

    Key Points:

    • Limitations of Existing Solutions: Current libraries are not flexible enough for advanced authorization needs.
    • Inspired by CanCan: Permit aims to bring the ease of use and power of CanCan (a popular Ruby authorization library) to Elixir.

    Features of Permit

    Attribute-Based Access Control (ABAC)

    Permit is built on the ABAC model, allowing for more granular and flexible authorization rules. This model enables reasoning about any attributes of the subject (user) and the resource (object) being authorized.

    Key Features:

    • Granular Authorization: Define rules based on various attributes.
    • Flexibility: Easily implement different authorization models, such as role-based access control (RBAC) and mandatory access control (MAC).

    Current Status and Implementation

    Public Repository and Documentation

    Michał announced that Permit now has a public repository on GitHub and is published on Hex. Although the documentation is still limited, it is a priority for future development.

    Key Resources:

    • GitHub Repository: Access the source code and contribute to development.
    • Hex Package: Install Permit via Hex and access initial documentation.

    Key Components of Permit

    Michał provided an overview of the key components and implementation details of Permit, including the syntax for defining permissions and the process for translating rules into Ecto queries.

    Key Components:

    • Permission Definitions: Use Elixir's keyword lists to define authorization rules.
    • Ecto Integration: Automatically translate rules into Ecto queries for efficient data access.

    Practical Examples

    Defining Permissions

    Michał demonstrated how to define permissions in Permit, using keyword lists to create flexible and powerful authorization rules. He emphasized the importance of defining conditions for users rather than roles.

    Building Ecto Queries

    Permit can automatically build Ecto queries based on the defined rules, enabling efficient data retrieval and authorization checks.
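
    The idea behind these two sections, one rule definition that both checks a loaded record and scopes a list query, can be sketched in plain Elixir. This is an added example, not Permit's API or code from the talk: the `AbacSketch` module, its functions and the article fields are hypothetical, and a parameterized SQL `WHERE` fragment stands in for the Ecto query.

```elixir
defmodule AbacSketch do
  # Hypothetical rule set (not Permit's API): {action, resource} maps to a list
  # of condition sets. A set is a keyword list whose attributes must all match;
  # sets are OR-ed. A missing entry means deny.
  def rules(%{id: user_id, role: role}) do
    base = %{
      {:read, :article} => [[published: true], [author_id: user_id]],
      {:update, :article} => [[author_id: user_id]]
    }

    # A role is just another subject attribute; an empty set matches any record.
    if role == :admin, do: Map.put(base, {:delete, :article}, [[]]), else: base
  end

  # Authorize an action on one already-loaded record.
  def can?(user, action, type, record) do
    user
    |> rules()
    |> Map.get({action, type}, [])
    |> Enum.any?(fn conds ->
      Enum.all?(conds, fn {field, value} -> Map.get(record, field) == value end)
    end)
  end

  # Translate the same rules into {where_fragment, params} so list queries are
  # scoped by identical conditions. Field names come only from rules/1; values
  # are always bound as parameters.
  def where(user, action, type) do
    sets = Map.get(rules(user), {action, type}, [])
    params = Enum.flat_map(sets, &Keyword.values/1)

    {clauses, _next} =
      Enum.map_reduce(sets, 1, fn conds, n ->
        {parts, next} =
          Enum.map_reduce(conds, n, fn {field, _v}, i -> {"#{field} = $#{i}", i + 1} end)

        {if(parts == [], do: "TRUE", else: "(" <> Enum.join(parts, " AND ") <> ")"), next}
      end)

    {if(clauses == [], do: "FALSE", else: Enum.join(clauses, " OR ")), params}
  end
end

# Constructed sample data.
author = %{id: 7, role: :author}
draft = %{id: 1, author_id: 9, published: false}
IO.inspect(AbacSketch.can?(author, :read, :article, draft))
IO.inspect(AbacSketch.where(author, :read, :article))
IO.inspect(AbacSketch.where(author, :delete, :article))
```

    An action with no rule produces the `FALSE` fragment, so a list query for it fails closed instead of returning every row.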

    Future Plans

    Enhancements and Integrations

    Michał outlined several future plans for Permit, including integrations with other frameworks and potential extensions to support various authorization models.

    Future Goals:

    • Framework Integrations: Integrate Permit with Absinthe for GraphQL and Commanded for CQRS.
    • Authorization Models: Develop reusable mixes or adapters for RBAC, MAC, and other models.
    • Static Code Analysis: Implement tools for static code analysis to ensure comprehensive authorization coverage.

    Q&A Session Highlights

    Community Involvement

    Michał encouraged the Elixir community to contribute to Permit and participate in shaping its development. He invited developers to join the public repository and provide feedback.

    Key Takeaways:

    • Open Source Contribution: Join the GitHub repository and contribute to Permit.
    • Community Feedback: Engage with the development process to improve the library.

    Mikołaj Musioł, IT Recruitment & HR Specialist