View Source Ash.Authorizer behaviour (ash v3.4.48)

The interface for an ash authorizer

These will typically be implemented by an extension, but a custom one can be implemented by defining an extension that also adopts this behaviour.

Then you can extend a resource with authorizers: [YourAuthorizer]

Summary

Types

context()
state()

Callbacks

add_calculations(arg1, state, context)
alter_filter(filter, state, context)
alter_results(state, list, context)
check(state, context)
check_context(state)
exception(atom, state)
initial_state(t, record, action, t)
strict_check(state, context)
strict_check_context(state)

Functions

add_calculations(module, query_or_changeset, state, context)
alter_filter(module, state, filter, context)
alter_results(module, state, records, context)
alter_sort(module, state, sort, context)
check(module, state, context)
check_context(module, state)
exception(module, reason, state)
initial_state(module, actor, resource, action, domain)
strict_check(module, state, context)
strict_check_context(module, state)

Types

context()

@type context() :: map()

state()

@type state() :: map()

Callbacks

add_calculations(arg1, state, context)

(optional) 
@callback add_calculations(Ash.Query.t() | Ash.Changeset.t(), state(), context()) ::
  {:ok, Ash.Query.t() | Ash.Changeset.t(), state()} | {:error, Ash.Error.t()}

alter_filter(filter, state, context)

(optional) 
@callback alter_filter(filter :: Ash.Filter.t(), state(), context()) ::
  {:ok, Ash.Filter.t()} | {:error, Ash.Error.t()}

alter_results(state, list, context)

(optional) 
@callback alter_results(state(), [Ash.Resource.record()], context()) ::
  {:ok, [Ash.Resource.record()]} | {:error, Ash.Error.t()}

check(state, context)

@callback check(state(), context()) ::
  :authorized
  | {:data, [Ash.Resource.record()]}
  | {:error, :forbidden, state()}
  | {:error, Ash.Error.t()}

check_context(state)

@callback check_context(state()) :: [atom()]

exception(atom, state)

(optional) 
@callback exception(atom(), state()) :: no_return()

initial_state(t, record, action, t)

@callback initial_state(
  Ash.Resource.t(),
  Ash.Resource.record(),
  Ash.Resource.Actions.action(),
  Ash.Domain.t()
) :: state()

strict_check(state, context)

@callback strict_check(state(), context()) ::
  {:authorized, state()}
  | {:continue, state()}
  | {:filter, Keyword.t()}
  | {:filter, Keyword.t(), state()}
  | {:filter_and_continue, Keyword.t(), state()}
  | {:error, term()}

strict_check_context(state)

@callback strict_check_context(state()) :: [atom()]

Functions

add_calculations(module, query_or_changeset, state, context)

alter_filter(module, state, filter, context)

alter_results(module, state, records, context)

alter_sort(module, state, sort, context)

check(module, state, context)

check_context(module, state)

exception(module, reason, state)

initial_state(module, actor, resource, action, domain)

strict_check(module, state, context)

strict_check_context(module, state)