View Source Ash.Authorizer behaviour (ash v3.4.44)

The interface for an ash authorizer

These will typically be implemented by an extension, but a custom one can be implemented by defining an extension that also adopts this behaviour.

Then you can extend a resource with authorizers: [YourAuthorizer]

Summary

Types

context()

@type context() :: map()

state()

@type state() :: map()

Callbacks

add_calculations(arg1, state, context)

(optional)
@callback add_calculations(Ash.Query.t() | Ash.Changeset.t(), state(), context()) ::
  {:ok, Ash.Query.t() | Ash.Changeset.t(), state()} | {:error, Ash.Error.t()}

alter_filter(filter, state, context)

(optional)
@callback alter_filter(filter :: Ash.Filter.t(), state(), context()) ::
  {:ok, Ash.Filter.t()} | {:error, Ash.Error.t()}

alter_results(state, list, context)

(optional)
@callback alter_results(state(), [Ash.Resource.record()], context()) ::
  {:ok, [Ash.Resource.record()]} | {:error, Ash.Error.t()}

check(state, context)

@callback check(state(), context()) ::
  :authorized
  | {:data, [Ash.Resource.record()]}
  | {:error, :forbidden, state()}
  | {:error, Ash.Error.t()}

check_context(state)

@callback check_context(state()) :: [atom()]

exception(atom, state)

(optional)
@callback exception(atom(), state()) :: no_return()

initial_state(t, record, action, t)

strict_check(state, context)

@callback strict_check(state(), context()) ::
  {:authorized, state()}
  | {:continue, state()}
  | {:filter, Keyword.t()}
  | {:filter, Keyword.t(), state()}
  | {:filter_and_continue, Keyword.t(), state()}
  | {:error, term()}

strict_check_context(state)

@callback strict_check_context(state()) :: [atom()]

Functions

add_calculations(module, query_or_changeset, state, context)

alter_filter(module, state, filter, context)

alter_results(module, state, records, context)

alter_sort(module, state, sort, context)

check(module, state, context)

check_context(module, state)

exception(module, reason, state)

initial_state(module, actor, resource, action, domain)

strict_check(module, state, context)

strict_check_context(module, state)