ExTeal.Policy behaviour (ExTeal v0.21.0) View Source
A Policy authorizes CRUD use of a resource based on the Plug.Conn
Link to this section Summary
Callbacks
Can a user create a resource? Returning false will disable the '+' button on a resource and return a 403 on api requests
Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests
Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests
Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests
Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests
Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests
Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests
Link to this section Callbacks
Specs
create_any?(Plug.Conn.t()) :: boolean()
Can a user create a resource? Returning false will disable the '+' button on a resource and return a 403 on api requests
Specs
delete?( Plug.Conn.t(), struct() ) :: boolean()
Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests
Specs
delete_any?(Plug.Conn.t()) :: boolean()
Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests
Specs
update?( Plug.Conn.t(), struct() ) :: boolean()
Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests
Specs
update_any?(Plug.Conn.t()) :: boolean()
Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests
Specs
view?( Plug.Conn.t(), struct() ) :: boolean()
Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests
Specs
view_any?(Plug.Conn.t()) :: boolean()
Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests