Gardien v1.0.0
Simple authorization functions that rely on the Gardien.Policy protocol to
verify whether a user is allowed to perform an action on a given resource
(see Gardien.Policy for more information on policy implementation details).
Gardien consists of several modules:
Gardien.Controller - contains controller-specific authorization functions
Gardien.View - contains functions that can be used in views and templates
Gardien.Authorization - authorization (module) plug
Configuration
user - optional
By default Gardien will try to extract the user from conn.assigns
using the current_user key.
If you want to change this behaviour, you can
configure user as follows:
# specify key that can be used to extract user from `conn.assigns`, e.g
# %Plug.Conn{assigns: %{admin: user}}
config :gardien,
user: :admin
# or
config :gardien,
user: {MyHelpers, :gardien_user}
# where `gardien_user` is a function that takes `conn` as an argument
unauthorized_handler - function responsible for handling unauthorized actions.
Gardien comes with a default handler that raises Gardien.AuthorizationError when
the user is not authorized to perform an action. It’s recommended to override
the default handler as follows:
config :gardien,
unauthorized_handler: {MyHelpers, :unauthorized_handler}
# where `:unauthorized_handler` is a function that takes `conn` and authorization `context` as arguments
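A sketch of the MyHelpers module that both the `user` and `unauthorized_handler` settings above refer to. This is an added example, not code from Gardien or its documentation. It assumes a Plug-based application, that the signed-in account lives under a hypothetical `:account` assign, and that the handler should return the conn; the shape of `context` is not described on this page, so it is left unused.

```elixir
defmodule MyHelpers do
  @moduledoc "Callbacks referenced from `config :gardien` (added example)."

  import Plug.Conn
  require Logger

  # Referenced as `user: {MyHelpers, :gardien_user}`.
  # Assumption: the application stores the signed-in account under the
  # hypothetical :account assign. Returns nil when nobody is signed in,
  # so policies must treat a nil user as unauthenticated and deny.
  def gardien_user(%Plug.Conn{} = conn) do
    Map.get(conn.assigns, :account)
  end

  # Referenced as `unauthorized_handler: {MyHelpers, :unauthorized_handler}`.
  # Takes `conn` and the authorization `context`. The context is treated
  # as opaque here and is never echoed to the client, so the response does
  # not reveal which policy or resource caused the denial.
  def unauthorized_handler(%Plug.Conn{} = conn, _context) do
    # inspect/1 escapes control characters in the path, which keeps a
    # crafted URL from forging extra log lines.
    Logger.warning(
      "authorization denied: #{conn.method} #{inspect(conn.request_path)}"
    )

    conn
    |> put_resp_content_type("text/plain")
    |> send_resp(:forbidden, "Forbidden")
    # halt/1 stops any remaining plugs from running on this conn.
    |> halt()
  end
end
```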
Summary
Functions
Authorize user action on a given resource
Similar to authorize/3 but returns :ok when the user is authorized
and raises Gardien.AuthorizationError otherwise
Functions
Authorize user action on a given resource
user (the current user performing some action) is extracted from conn
based on the user configuration (see the configuration section in the Gardien module docs).
It’s possible to override the user configuration by passing user as an option to the authorization function.
By default Gardien infers the policy action from the controller action. If the controller action
and the policy action don’t match, it’s possible to override this behaviour by passing
action as an option.
Returns {:ok, resource} when the user is authorized and {:error, context} otherwise.
Similar to authorize/3 but returns :ok when the user is authorized
and raises Gardien.AuthorizationError otherwise.