The declarative authorization plugin offers an authorization mechanism inspired by RBAC. The most notable distinction to other authorization plugins is the declarative approach. That is, authorization rules are not defined programmatically in between business logic but in an authorization configuration. With programmatic authorization rules, the developer needs to specify which roles are allowed to access a specific controller action or a part of a view, which is not DRY. With a growing application code base roles' permissions often change and new roles are introduced. Then, at several places of the source code the changes have to be implemented, possibly leading to omissions and thus hard to find errors. In these cases, a declarative approach as offered by decl_auth increases the development and maintenance efficiency.