{"id":13594779,"url":"https://github.com/zenstackhq/zenstack","last_synced_at":"2026-03-05T06:09:02.678Z","repository":{"id":62625485,"uuid":"539768967","full_name":"zenstackhq/zenstack","owner":"zenstackhq","description":"Fullstack TypeScript toolkit that enhances Prisma ORM with flexible Authorization layer for RBAC/ABAC/PBAC/ReBAC, offering auto-generated type-safe APIs and frontend hooks.","archived":false,"fork":false,"pushed_at":"2025-05-08T04:07:17.000Z","size":8080,"stargazers_count":2484,"open_issues_count":158,"forks_count":106,"subscribers_count":14,"default_branch":"main","last_synced_at":"2025-05-12T15:21:41.291Z","etag":null,"topics":["access-control","acl","api","auth","authorization","authz","fullstack","javascript","nextjs","node","nodejs","openapi","orm","permission","permissions","prisma","rbac","rls","saas","trpc"],"latest_commit_sha":null,"homepage":"https://zenstack.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zenstackhq.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"zenstackhq"}},"created_at":"2022-09-22T02:42:35.000Z","updated_at":"2025-05-12T11:29:37.000Z","dependencies_parsed_at":"2022-11-03T19:50:36.246Z","dependency_job_id":"50bf0f7b-a2d7-4ceb-b9a2-5aa25807c090","html_url":"https://github.com/zenstackhq/zenstack","commit_stats":{"total_commits":740,"total_committers":40,"mean_commits":18.5,"dds":0.2743243243243243,"last_synced_commit":"d2554f280ad91b2e4db215060facbc3013d5ab59"},"previous_names":[],"tags_count":122,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zenstackhq%2Fzenstack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zenstackhq%2Fzenstack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zenstackhq%2Fzenstack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zenstackhq%2Fzenstack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zenstackhq","download_url":"https://codeload.github.com/zenstackhq/zenstack/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253763994,"owners_count":21960491,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","acl","api","auth","authorization","authz","fullstack","javascript","nextjs","node","nodejs","openapi","orm","permission","permissions","prisma","rbac","rls","saas","trpc"],"created_at":"2024-08-01T16:01:39.044Z","updated_at":"2026-03-05T06:09:02.643Z","avatar_url":"https://github.com/zenstackhq.png","language":"TypeScript","readme":"\u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://zenstack.dev\"\u003e\n    \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://raw.githubusercontent.com/zenstackhq/zenstack-docs/main/static/img/logo-dark.png\"\u003e\n    \u003cimg src=\"https://raw.githubusercontent.com/zenstackhq/zenstack-docs/main/static/img/logo.png\" height=\"128\"\u003e\n    \u003c/picture\u003e\n    \u003c/a\u003e\n    \u003ch1\u003eZenStack\u003c/h1\u003e\n    \u003ca href=\"https://www.npmjs.com/package/zenstack\"\u003e\n        \u003cimg src=\"https://img.shields.io/npm/v/zenstack\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://www.npmjs.com/package/zenstack\"\u003e\n        \u003cimg src=\"https://img.shields.io/npm/dm/zenstack\"\u003e\n    \u003c/a\u003e\n    \u003cimg src=\"https://github.com/zenstackhq/zenstack/actions/workflows/build-test.yml/badge.svg\"\u003e\n    \u003ca href=\"https://twitter.com/zenstackhq\"\u003e\n        \u003cimg src=\"https://img.shields.io/twitter/url?style=social\u0026url=https%3A%2F%2Fgithub.com%2Fzenstackhq%2Fzenstack\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://discord.gg/Ykhr738dUe\"\u003e\n        \u003cimg src=\"https://img.shields.io/discord/1035538056146595961\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/zenstackhq/zenstack/blob/main/LICENSE\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/license-MIT-green\"\u003e\n    \u003c/a\u003e\n\u003c/div\u003e\n\n## What it is\n\nZenStack is a Node.js/TypeScript toolkit that simplifies the development of web applications. It enhances [Prisma ORM](https://prisma.io) with a flexible Authorization layer and auto-generated, type-safe APIs/hooks, unlocking its full potential for full-stack development.\n\nOur goal is to let you save time writing boilerplate code and focus on building real features!\n\n## How it works\n\n\u003e Read full documentation at 👉🏻 [zenstack.dev](https://zenstack.dev). Join [Discord](https://discord.gg/Ykhr738dUe) for feedback and questions.\n\nZenStack incrementally extends Prisma's power with the following four layers:\n\n### 1. ZModel - an extended Prisma schema language\n\nZenStack introduces a data modeling language called \"ZModel\" - a superset of Prisma schema language. It extended Prisma schema with custom attributes and functions and, based on that, implemented a flexible access control layer around Prisma.\n\n```ts\n// base.zmodel\nabstract model Base {\n    id String @id\n    author User @relation(fields: [authorId], references: [id])\n    authorId String\n\n    // 🔐 allow full CRUD by author\n    @@allow('all', author == auth())\n}\n```\n\n```ts\n// schema.zmodel\nimport \"base\"\nmodel Post extends Base {\n    title String\n    published Boolean @default(false)\n\n    // 🔐 allow logged-in users to read published posts\n    @@allow('read', auth() != null \u0026\u0026 published)\n}\n```\n\nThe `zenstack` CLI transpiles the ZModel into a standard Prisma schema, which you can use with the regular Prisma workflows.\n\n### 2. Runtime enhancements to Prisma client\n\nAt runtime, transparent proxies are created around Prisma clients for intercepting queries and mutations to enforce access policies.\n\n```ts\nimport { enhance } from '@zenstackhq/runtime';\n\n// a regular Prisma client\nconst prisma = new PrismaClient();\n\nasync function getPosts(userId: string) {\n    // create an enhanced Prisma client that has access control enabled\n    const enhanced = enhance(prisma, { user: userId });\n\n    // only posts that're visible to the user will be returned\n    return enhanced.post.findMany();\n}\n```\n\n### 3. Automatic RESTful APIs through server adapters\n\nServer adapter packages help you wrap an access-control-enabled Prisma client into backend CRUD APIs that can be safely called from the frontend. Here's an example for Next.js:\n\n```ts\n// pages/api/model/[...path].ts\n\nimport { requestHandler } from '@zenstackhq/next';\nimport { enhance } from '@zenstackhq/runtime';\nimport { getSessionUser } from '@lib/auth';\nimport { prisma } from '@lib/db';\n\n// Mount Prisma-style APIs: \"/api/model/post/findMany\", \"/api/model/post/create\", etc.\n// Can be configured to provide standard RESTful APIs (using JSON:API) instead.\nexport default requestHandler({\n    getPrisma: (req, res) =\u003e enhance(prisma, { user: getSessionUser(req, res) }),\n});\n```\n\n### 4. Generated client libraries (hooks) for data access\n\nPlugins can generate strong-typed client libraries that talk to the aforementioned APIs. Here's an example for React:\n\n```tsx\n// components/MyPosts.tsx\n\nimport { useFindManyPost } from '@lib/hooks';\n\nconst MyPosts = () =\u003e {\n    // list all posts that're visible to the current user, together with their authors\n    const { data: posts } = useFindManyPost({\n        include: { author: true },\n        orderBy: { createdAt: 'desc' },\n    });\n\n    return (\n        \u003cul\u003e\n            {posts?.map((post) =\u003e (\n                \u003cli key={post.id}\u003e\n                    {post.title} by {post.author.name}\n                \u003c/li\u003e\n            ))}\n        \u003c/ul\u003e\n    );\n};\n```\n\n## Architecture\n\nThe following diagram gives a high-level architecture overview of ZenStack.\n\n![Architecture](https://zenstack.dev/img/architecture-light.png)\n\n## Links\n\n-   [Home](https://zenstack.dev)\n-   [Documentation](https://zenstack.dev/docs)\n-   [Community chat](https://discord.gg/Ykhr738dUe)\n-   [Twitter](https://twitter.com/zenstackhq)\n-   [Blog](https://zenstack.dev/blog)\n\n## Features\n\n-   Access control and data validation rules right inside your Prisma schema\n-   Auto-generated OpenAPI (RESTful) specifications, services, and client libraries\n-   End-to-end type safety\n-   Extensible: custom attributes, functions, and a plugin system\n-   A framework-agnostic core with framework-specific adapters\n-   Uncompromised performance\n\n### Plugins\n\n-   Prisma schema generator\n-   [Zod](https://zod.dev/) schema generator\n-   [SWR](https://github.com/vercel/swr) and [TanStack Query](https://github.com/TanStack/query) hooks generator\n-   OpenAPI specification generator\n-   [tRPC](https://trpc.io) router generator\n-   🙋🏻 [Request for a plugin](https://discord.gg/Ykhr738dUe)\n\n### Framework adapters\n\n-   [Next.js](https://zenstack.dev/docs/reference/server-adapters/next)\n-   [Nuxt](https://zenstack.dev/docs/reference/server-adapters/nuxt)\n-   [SvelteKit](https://zenstack.dev/docs/reference/server-adapters/sveltekit)\n-   [Fastify](https://zenstack.dev/docs/reference/server-adapters/fastify)\n-   [ExpressJS](https://zenstack.dev/docs/reference/server-adapters/express)\n-   [NestJS](https://zenstack.dev/docs/reference/server-adapters/nestjs)\n-   [Hono](https://zenstack.dev/docs/reference/server-adapters/hono)\n-   🙋🏻 [Request for an adapter](https://discord.gg/Ykhr738dUe)\n\n### Prisma schema extensions\n\n-   [Custom attributes and functions](https://zenstack.dev/docs/reference/zmodel-language#custom-attributes-and-functions)\n-   [Multi-file schema and model inheritance](https://zenstack.dev/docs/guides/multiple-schema)\n-   [Polymorphic Relations](https://zenstack.dev/docs/guides/polymorphism)\n-   [Strongly typed JSON field](https://zenstack.dev/docs/guides/typing-json)\n-   [Field encryption](https://zenstack.dev/docs/guides/field-encryption)\n-   🙋🏻 [Request for an extension](https://discord.gg/Ykhr738dUe)\n\n## Examples\n\n### Schema Samples\n\nThe [sample repo](https://github.com/zenstackhq/authz-modeling-samples) includes the following patterns:\n\n-   ACL\n-   RBAC\n-   ABAC\n-   Multi-Tenancy\n\nYou can use [this blog post](https://zenstack.dev/blog/model-authz) as an introduction.\n\n### Multi-Tenant Todo App\n\nCheck out the [Multi-tenant Todo App](https://zenstack-todo.vercel.app/) for a running example. You can find different implementations below:\n\n-   [Next.js + NextAuth + TanStack Query](https://github.com/zenstackhq/sample-todo-nextjs-tanstack)\n-   [Next.js + NextAuth + SWR](https://github.com/zenstackhq/sample-todo-nextjs)\n-   [Next.js + NextAuth + tRPC](https://github.com/zenstackhq/sample-todo-trpc)\n-   [Nuxt + TanStack Query](https://github.com/zenstackhq/sample-todo-nuxt)\n-   [SvelteKit + TanStack Query](https://github.com/zenstackhq/sample-todo-sveltekit)\n-   [RedwoodJS](https://github.com/zenstackhq/sample-todo-redwood)\n\n### Blog App\n\n-   [Next.js + App Route + TanStack Query](https://github.com/zenstackhq/docs-tutorial-nextjs-app-dir)\n-   [Next.js + Pages Route + SWR](https://github.com/zenstackhq/docs-tutorial-nextjs)\n-   [Next.js + App Route + tRPC](https://github.com/zenstackhq/sample-blog-nextjs-app-trpc)\n-   [Nuxt + TanStack Query](https://github.com/zenstackhq/docs-tutorial-nuxt)\n-   [SvelteKit](https://github.com/zenstackhq/docs-tutorial-sveltekit)\n-   [Remix](https://github.com/zenstackhq/docs-tutorial-remix)\n-   [NestJS Backend API](https://github.com/zenstackhq/docs-tutorial-nestjs)\n-   [Express Backend API](https://github.com/zenstackhq/docs-tutorial-express)\n-   [Clerk Integration](https://github.com/zenstackhq/docs-tutorial-clerk)\n\n## Community\n\nJoin our [discord server](https://discord.gg/Ykhr738dUe) for chat and updates!\n\n## Contributing\n\nIf you like ZenStack, join us to make it a better tool! Please use the [Contributing Guide](CONTRIBUTING.md) for details on how to get started, and don't hesitate to join [Discord](https://discord.gg/Ykhr738dUe) to share your thoughts. Documentations reside in a separate repo: [zenstack-docs](https://github.com/zenstackhq/zenstack-docs).\n\nPlease also consider [sponsoring our work](https://github.com/sponsors/zenstackhq) to speed up the development. Your contribution will be 100% used as a bounty reward to encourage community members to help fix bugs, add features, and improve documentation.\n\n## Sponsors\n\nThank you for your generous support!\n\n### Current Sponsors\n\n\u003ctable\u003e\n  \u003ctr\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://suhyl.com/\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/124434734?s=200\u0026v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Suhyl\"/\u003e\u003cbr /\u003eSuhyl\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://www.marblism.com/\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/143199531?s=200\u0026v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Marblism\"/\u003e\u003cbr /\u003eMarblism\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://www.mermaidchart.com/\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/117662492?s=200\u0026v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Mermaid Chart\"/\u003e\u003cbr /\u003eMermaid Chart\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://coderabbit.ai/\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/132028505?v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"CodeRabbit\"/\u003e\u003cbr /\u003eCodeRabbit\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/j0hannr\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/52762073?v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Johann Rohn\"/\u003e\u003cbr /\u003eJohann Rohn\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n### Previous Sponsors\n\n\u003ctable\u003e\n  \u003ctr\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/baenie\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/58309104?v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Benjamin Zecirovic\"/\u003e\u003cbr /\u003eBenjamin Zecirovic\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/umussetu\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/152648499?v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Ulric\"/\u003e\u003cbr /\u003eUlric\u003c/a\u003e\u003c/td\u003e\n   \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/iamfj\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/24557998?v=4\" width=\"100\" style=\"border-radius:50%\" alt=\"Fabian Jocks\"/\u003e\u003cbr /\u003eFabian Jocks\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n## Contributors\n\nThanks to all the contributors who have helped make ZenStack better!\n\n#### Source\n\n\u003ca href=\"https://github.com/zenstackhq/zenstack/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=zenstackhq/zenstack\" /\u003e\n\u003c/a\u003e\n\n#### Docs\n\n\u003ca href=\"https://github.com/zenstackhq/zenstack-docs/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=zenstackhq/zenstack-docs\" /\u003e\n\u003c/a\u003e\n\n## License\n\n[MIT](LICENSE)\n","funding_links":["https://github.com/sponsors/zenstackhq"],"categories":["TypeScript","api"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzenstackhq%2Fzenstack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzenstackhq%2Fzenstack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzenstackhq%2Fzenstack/lists"}