We’d like to share with you some of the lessons we learnt over time as we implemented authorization, permission management and access control in a variety of applications differing in scale, domain and purpose, and other constraints - in industries ranging from robotics all the way to healthcare.
There is a lot of aspects that affect design choices here. Use a handcrafted solution, or a general-purpose, plug-in library such as Permit with its automatic Ecto ? Define hard-coded authorization rules or build a more flexible solution?
Key Takeaways:
- We’d like to give the audience our perspective on how to reason about authorization in Elixir without the usual headaches. This includes both choosing the best tool for a job and designing the system in a way that strikes the balance between flexibility and complexity just right.
Target Audience:
- All Elixir developers and architects, as well as persons involved in business domain analysis in cooperation with software development teams.