Openmaize.IdCheck
Plug to perform a further check based on the user id.
This plug needs to be called after Openmaize.Authorize, which makes the initial authorization checks.
For this plug to work, you need to have the start of the path and the start of the path + “/:id” in the protected map in the config. For example, the following entry protects “/users” and checks ids under “/users”:
config: openmaize,
protected: %{"/users" => ["user"], "/users/:id" => ["user"]}
There are two options:
redirects
- if true, which is the default, redirect if authorized or if there is an error
show
- if true, the user is allowed to see pages that are not his / her id, but cannot edit them
- if false, which is the default, the user cannot view these pages
Examples
Call IdCheck without any options:
Plug Openmaize.IdCheck
Call IdCheck without redirects:
Plug Openmaize.IdCheck, redirects: false
Call IdCheck and allow users to view the pages of other ids:
Plug Openmaize.IdCheck, show: true
Summary↑
call(conn, opts) | Verify that the user, based on id, is authorized to access the page / resource |
init(opts) | Callback implementation for |
Functions
Verify that the user, based on id, is authorized to access the page / resource.
Callback implementation for c:Plug.init/1
.