The declarative_authorization plugin offers an authorization mechanism inspired by RBAC. The most
notable distinction to existing authorization plugins is the declarative
authorization approach. That is, authorization rules are not programmatically
in between business logic but collectively in an authorization configuration.

Have a look at the plugin README or the declarative_authorization blog post and Ryan Bates’ screencast for information. For the details, refer to the API docs.

Refer to the Google Group mailing list for discussions of the plugin’s usage and report issues on the Github Issue Tracker.