# `PermitEx.Absinthe.RequireAuthorization`
[🔗](https://github.com/devaction-labs/permit_ex/blob/v0.2.0/lib/permit_ex/absinthe/require_authorization.ex#L2)

Absinthe middleware for enforcing PermitEx roles and permissions.

    object :orders do
      field :create_order, :order do
        middleware PermitEx.Absinthe.RequireAuthorization, permission: "orders:manage"
        resolve &OrderResolver.create/2
      end
    end

Options:

- `:permission` - one required permission
- `:role` - one required role
- `:any_permissions` - at least one permission must match
- `:all_permissions` - every permission must match
- `:any_roles` - at least one role must match
- `:all_roles` - every role must match
- `:assign_key` - key in `resolution.context` holding the scope. Defaults to `:current_scope`.
- `:message` - error message returned on denial. Defaults to `"forbidden"`.

---

*Consult [api-reference.md](api-reference.md) for complete listing*