Datacop.AbsintheMiddleware.Authorize (datacop v0.1.2)

Performs authorization for the given resolution.

This module helps to build authorization logic for batches, based on Dataloader. Each time the middleware receives {:dataloader, _dataloader_config} tuple, it loads(accumulates) data in the dataloader struct, in order to run single query in the end. As a result, this middleware returns resolution with either a successfully resolved state or Datacop.UnauthorizedError.

Options

  • :loader - either dataloader struct or 1-arity function, which can fetch dataloader struct, based on Absinthe.Schema.context/1. It uses default Datacop.default_loader/1, when the option is nil.
  • :actor - the actor struct, which is used in the authorize/3 function for the target module.
  • :subject - the subject struct, which is used in the authorize/3 function for the target module. By default this is resolution.source.
  • :callback - custom function callback, which handles Datacop result.

Example

opts = [
  loader: &(&1.loader),
  actor: &(&1.actor),
  callback: fn
    :ok -> {:ok, true)
    error -> {:ok, false}
  end}
]
middleware(Authorize, {MyApp.Blog, :view_stats, opts})

Link to this section Summary

Link to this section Types

Specs

opts() :: [
  actor: (context :: map() -> Datacop.actor()) | Datacop.actor(),
  subject: any(),
  loader: (context :: map() -> Dataloader.t()) | Dataloader.t(),
  callback:
    (:ok | {:error, Datacop.UnauthorizedError.t()} ->
       {:ok, any()} | {:error, map()})
]