ExTeal v0.21.0

ExTeal.Policy behaviour (ExTeal v0.21.0) View Source

A Policy authorizes CRUD use of a resource based on the Plug.Conn

Link to this section Summary

Callbacks

create_any?(t)

Can a user create a resource? Returning false will disable the '+' button on a resource and return a 403 on api requests

delete?( t, struct )

Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests

delete_any?(t)

Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests

update?( t, struct )

Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests

update_any?(t)

Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests

view?( t, struct )

Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests

view_any?(t)

Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests

Link to this section Callbacks

Link to this callback

create_any?(t)

View Source

Specs

create_any?(Plug.Conn.t()) :: boolean()

Can a user create a resource? Returning false will disable the '+' button on a resource and return a 403 on api requests

Link to this callback

delete?( t, struct )

View Source

Specs

delete?(
  Plug.Conn.t(),
  struct()
) :: boolean()

Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests

Link to this callback

delete_any?(t)

View Source

Specs

delete_any?(Plug.Conn.t()) :: boolean()

Can a user delete any resource? Returning false will disable the 'delete' buttons on all resource records and return a 403 on api requests

Link to this callback

update?( t, struct )

View Source

Specs

update?(
  Plug.Conn.t(),
  struct()
) :: boolean()

Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests

Link to this callback

update_any?(t)

View Source

Specs

update_any?(Plug.Conn.t()) :: boolean()

Can a user update any records? Returning false will disable the 'edit' button on a record and return a 403 on api requests

Link to this callback

view?( t, struct )

View Source

Specs

view?(
  Plug.Conn.t(),
  struct()
) :: boolean()

Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests

Link to this callback

view_any?(t)

View Source

Specs

view_any?(Plug.Conn.t()) :: boolean()

Can the resource be viewed at all? Returning false will hide the resource in the sidebar and in relationships and return a 403 on api requests