It helps maintain consistency and avoid repetition of authorization-related concerns, slotting in seamlessly into the Phoenix Controller pipelines and LiveView lifecycles.
Permission Management & Authorization
Permit helps unify permission management concerns across the codebase, providing a resource- and attribute-based, plain-Elixir rule definition syntax, as well as mechanisms for constructing Ecto queries for accessible resources based on defined permissions and consistently use it for preloading and authorizing resources in Phoenix controllers and LiveView.
When plugged into Phoenix, it automatically preloads records based on current context (e.g. path and params) taken from a controller's Conn or, in LiveView, from the Socket and event parameters. It then either puts the found record in assigns if authorized, or handles authorization failure otherwise.
Permit can work with or without Ecto, as well as with or without Phoenix, and is extensible for usage with any other Elixir-based toolset through its Resolver behaviour. We encourage you to try it out in your applications or contribute to its development!