2 Repos
Policy-defined scope classes that restrict database queries to records the current user is permitted to see.
Distinct from Query Scopes: Distinct from Query Scopes: focuses on authorization-driven scope classes, not general reusable query constraints.
Explore 2 awesome GitHub repositories matching data & databases · Authorization Scope Classes. Refine with filters or upvote what's useful.
Pundit is an authorization framework for Ruby applications that enforces permissions through plain Ruby policy objects. It maps controller actions to policy methods, automatically inferring which policy class and query method to call based on the action name, and raises a custom exception when access is denied. The framework distinguishes itself by using plain Ruby classes without external DSLs or configuration files, and by providing a development-time verification guard that raises an error if a controller action runs without an authorization call. It also supports namespace-based policy or
Restricts database queries to authorized records using policy-defined scope classes.
Action Policy is a Ruby authorization framework designed to manage user access and permissions by encapsulating security logic into dedicated policy classes. It provides a structured system for defining access rules that evaluate user actions against specific application resources, ensuring that security logic remains decoupled from the primary application code. The framework distinguishes itself through its ability to handle complex authorization requirements across diverse interfaces, including web controllers and various API formats. It supports dynamic permission evaluation by utilizing a
Uses policy-defined scope classes to automatically filter database queries to records the current user is permitted to see.