awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

10 dépôts

Awesome GitHub RepositoriesCustom Permissions

Logic for defining granular, application-specific authorization rules to control access to resolvers and controllers.

Distinct from Document Access Permissions: None of the candidates describe general application-level granular permission definition for API resolvers.

Explore 10 awesome GitHub repositories matching security & cryptography · Custom Permissions. Refine with filters or upvote what's useful.

Awesome Custom Permissions GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • lenve/vhrAvatar de lenve

    lenve/vhr

    28,090Voir sur GitHub↗

    This project is a human resources management system built using Spring Boot and Vue. It serves as a platform for managing employee records, professional titles, and organizational hierarchies. The system features a role-based access control framework that maps users to specific roles and resources to secure API endpoints and user interface elements. It includes a real-time communication hub utilizing WebSockets for internal corporate chat and system notifications, as well as a dedicated manager for defining and modifying nested organizational department structures. Additional capabilities co

    Intercepts unauthorized access attempts to return formatted JSON error messages and custom status codes.

    Java
    Voir sur GitHub↗28,090
  • vendurehq/vendureAvatar de vendurehq

    vendurehq/vendure

    7,924Voir sur GitHub↗

    Vendure is a Node.js e-commerce engine and headless commerce framework built with NestJS and TypeScript. It serves as a multi-channel commerce platform that manages product catalogs, orders, and customers via a strongly typed GraphQL API. The platform is distinguished by its highly extensible architecture, featuring a customizable administrative dashboard where developers can inject custom React components and entity views. It supports multi-channel commerce, allowing the isolation of products, currencies, and regional catalogs from a single unified backend. The engine covers a broad range o

    Provides granular permissions to restrict or allow access to specific API resolvers and controllers.

    TypeScriptecommerceecommerce-apiecommerce-framework
    Voir sur GitHub↗7,924
  • firebase/firebase-ios-sdkAvatar de firebase

    firebase/firebase-ios-sdk

    6,618Voir sur GitHub↗

    This is a Backend as a Service SDK for Apple platforms, providing a collection of libraries that connect iOS and macOS applications to cloud databases, authentication services, and serverless infrastructure. It serves as a developer kit for integrating real-time data synchronization, file storage, and push notifications into native apps. The SDK is distinguished by its generative AI integration, which routes text and multimodal prompts between on-device models and cloud-hosted large language models. It further differentiates itself with a specialized app distribution tool for managing pre-rel

    Rejects API requests lacking valid attestation tokens to prevent unauthorized backend access.

    C++aianalyticsauthentication
    Voir sur GitHub↗6,618
  • upspin/upspinAvatar de upspin

    upspin/upspin

    6,398Voir sur GitHub↗

    Upspin is a decentralized naming and storage system that provides an end-to-end encrypted file system. It assigns every user a unique identity and organizes files within a global, permissioned namespace where data is encrypted on the client before transmission. The system separates identity resolution from data storage using a public-key identity provider and a key-server architecture. This allows for decentralized identity management and the resolution of usernames to specific directory and storage server addresses. The project includes a hierarchical access control system that manages read

    Hides directory entries or returns privacy errors when a user lacks the necessary access rights to view them.

    Gocryptographyfusegolang
    Voir sur GitHub↗6,398
  • rack/rack-attackAvatar de rack

    rack/rack-attack

    5,746Voir sur GitHub↗

    Rack-attack est un middleware de limitation de débit (rate limiter) et un filtre de requêtes pour l'interface Rack. Il fournit un système pour brider les requêtes HTTP et maintenir des listes de blocage d'adresses IP afin de protéger les applications contre le trafic malveillant et les attaques par déni de service. Le projet permet l'atténuation des attaques DDoS au niveau applicatif et la gestion des limites de débit des API en identifiant et en rejetant les requêtes provenant de clients bannis ou d'adresses IP abusives. Il permet de définir des listes blanches (safelists) pour contourner les filtres et utilise une logique personnalisée pour déterminer si un client doit être bloqué ou bridé. L'outil couvre une gestion complète du trafic grâce au bannissement automatisé des clients, à des stratégies d'attente exponentielle (exponential backoff) et à la possibilité de définir des réponses de rejet personnalisées. Il inclut une instrumentation pour surveiller les modèles de requêtes et prend en charge des backends de cache externes pour synchroniser l'état entre les instances d'application distribuées.

    Allows defining custom HTTP response objects, status codes, and headers for blocklisted or throttled requests.

    Rubyrackrack-attackrack-middleware
    Voir sur GitHub↗5,746
  • rmosolgo/graphql-rubyAvatar de rmosolgo

    rmosolgo/graphql-ruby

    5,448Voir sur GitHub↗

    GraphQL-Ruby est une bibliothèque Ruby pour construire des API GraphQL avec un schéma fortement typé et un moteur d'exécution de requêtes dédié. Elle fournit un framework complet pour mapper les objets de l'application à un système de types formel, permettant une récupération de données structurée via des résolveurs définis. Le projet se distingue par des mécanismes avancés de performance et de livraison, incluant un data loader pour le batching et le cache afin d'éviter les patterns de requêtes N+1. Il supporte la livraison de données haute performance via le streaming de réponses incrémentales, les réponses de requêtes différées et la récupération de données en parallèle utilisant des fibers. De plus, il offre un support natif pour les conventions Relay, incluant des helpers spécialisés pour les connexions et l'identification d'objets. La bibliothèque couvre une large surface de gestion d'API, incluant un contrôle d'accès granulaire, le versioning de schéma pour maintenir la rétrocompatibilité et des mises à jour en temps réel via des abonnements. Elle inclut également des outils de gestion de trafic pour protéger les ressources serveur, tels que la limitation de complexité des requêtes et le rate limiting. Le développement et l'observabilité sont supportés par des outils d'analyse AST, le traçage d'exécution et des utilitaires de test spécialisés pour la vérification du chargement par lots.

    Provides custom replacements or specific error shapes when a user lacks permissions for a requested object.

    Ruby
    Voir sur GitHub↗5,448
  • kimai/kimaiAvatar de kimai

    kimai/kimai

    4,757Voir sur GitHub↗

    Kimai is an open-source time tracking system that records employee working hours, manages absences, and generates professional invoices from recorded timesheets and expenses. It organizes all time records through a mandatory three-level hierarchy of customer, project, and activity, and supports project budget monitoring with configurable time and money limits. The application is extensible through a plugin system that allows adding custom features, invoice templates, reporting views, and dashboard widgets without modifying core files. It provides a RESTful JSON API for programmatic read and w

    Registers new permissions through a plugin extension class for the permission administration UI.

    PHPdoctrineinvoiceinvoicing
    Voir sur GitHub↗4,757
  • aapanel/baotaAvatar de aaPanel

    aaPanel/BaoTa

    4,543Voir sur GitHub↗

    BaoTa is a web-based Linux server control panel and system administration dashboard designed for managing hosting environments and system resources. It provides a graphical interface to translate administrative actions into system-level configurations, allowing users to manage Linux servers and web hosting stacks without relying solely on the command line. The platform distinguishes itself through AI-driven server operations, utilizing artificial intelligence for performance analysis and the execution of maintenance tasks via natural language commands. It supports multi-node orchestration, en

    Customizes HTTP response codes for unauthenticated users to hide the management panel from attackers.

    Pythonbaotabt-panellamp
    Voir sur GitHub↗4,543
  • tastyigniter/tastyigniterAvatar de tastyigniter

    tastyigniter/TastyIgniter

    3,532Voir sur GitHub↗

    TastyIgniter is a comprehensive restaurant management system and digital ordering engine. Built as a modular application framework, it provides the tools necessary to operate online food ordering, table reservation systems, and multi-vendor e-commerce platforms. The platform is designed to handle complex restaurant operations, including multi-location networking and multi-vendor marketplace management. It distinguishes itself through specialized restaurant automation, such as coordinating guest limits and time slots for bookings, managing ingredient and allergen catalogs, and implementing mul

    Enables the definition of custom permission keys and groups to implement granular access control throughout the system.

    PHPfood-orderingfood-ordering-systemlaravel
    Voir sur GitHub↗3,532
  • hayes/pothosAvatar de hayes

    hayes/pothos

    2,576Voir sur GitHub↗

    Pothos is a code-first GraphQL schema builder and framework designed for type-safe development. It allows developers to construct schemas using typed definitions in TypeScript, eliminating the need for external code generation steps. The framework distinguishes itself through a dedicated data mapper that connects GraphQL types to relational databases and ORMs, such as Prisma, while optimizing query resolution. It provides a full implementation of the Relay specification, including global object identification and cursor-based pagination. The project covers several core capability areas, incl

    Customizes the outcome of unauthorized requests by returning custom values, empty collections, or specific errors.

    TypeScriptgraphqltypescript
    Voir sur GitHub↗2,576
  1. Home
  2. Security & Cryptography
  3. Custom Permissions

Explorer les sous-tags

  • Unauthorized Response Customization2 sous-tagsCustomizing the API output when a user lacks permissions, such as returning empty collections or specific error shapes. **Distinct from Custom Permissions:** Focuses on the response format and value returned upon authorization failure, not the definition of the permission itself.