WeaviateEx.RBAC.Role (WeaviateEx v0.7.4)

View Source

Represents a role in Weaviate RBAC.

A role is a named collection of permissions that can be assigned to users or groups. Roles provide a convenient way to manage access control by grouping related permissions.

Examples

# Create a role with permissions
permissions = [
  Permissions.collections("Article", [:read, :update]),
  Permissions.data("Article", [:read, :create, :update])
]
role = Role.new("article-editor", permissions)

# Add more permissions
role = Role.add_permissions(role, [Permissions.nodes(:verbose)])

# Check if role has a permission
Role.has_permission?(role, Permissions.data("Article", :read))
# => true

Summary

Types

t()

Functions

add_permissions(role, permissions)

Add permissions to an existing role.

from_api(api_data)

Decode a role from the Weaviate API response format.

has_permission?(role, permission)

Check if a role has a specific permission.

new(name, permissions \\ [])

Create a new role with the given name and optional permissions.

remove_permissions(role, permissions)

Remove permissions from a role.

to_api(role)

Encode a role to the Weaviate API format.

Types

t()

@type t() :: %WeaviateEx.RBAC.Role{
  name: String.t(),
  permissions: [WeaviateEx.RBAC.Permission.t()]
}

Functions

add_permissions(role, permissions)

@spec add_permissions(
  t(),
  WeaviateEx.RBAC.Permission.t() | [WeaviateEx.RBAC.Permission.t()]
) :: t()

Add permissions to an existing role.

Examples

role = Role.new("my-role")
role = Role.add_permissions(role, [Permissions.data("A", :read)])

from_api(api_data)

@spec from_api(map()) :: {:ok, t()} | {:error, String.t()}

Decode a role from the Weaviate API response format.

Examples

{:ok, role} = Role.from_api(%{
  "name" => "my-role",
  "permissions" => [%{"action" => "read_data", "collection" => "Article"}]
})

has_permission?(role, permission)

@spec has_permission?(t(), WeaviateEx.RBAC.Permission.t()) :: boolean()

Check if a role has a specific permission.

Examples

perm = Permissions.data("Article", :read)
role = Role.new("reader", [perm])
Role.has_permission?(role, perm)
# => true

new(name, permissions \\ [])

@spec new(
  String.t(),
  WeaviateEx.RBAC.Permission.t() | [WeaviateEx.RBAC.Permission.t()] | []
) :: t()

Create a new role with the given name and optional permissions.

Permissions can be a single permission, a list of permissions, or nested lists (which will be flattened).

Parameters

  • name - The role name
  • permissions - Optional list of permissions (default: [])

Examples

Role.new("reader")
Role.new("editor", [Permissions.data("Article", [:read, :update])])

remove_permissions(role, permissions)

@spec remove_permissions(
  t(),
  WeaviateEx.RBAC.Permission.t() | [WeaviateEx.RBAC.Permission.t()]
) :: t()

Remove permissions from a role.

Permissions are matched by content equality (same type, action, and filters).

Examples

perm = Permissions.data("A", :read)
role = Role.new("my-role", [perm])
role = Role.remove_permissions(role, [perm])

to_api(role)

@spec to_api(t()) :: map()

Encode a role to the Weaviate API format.

Examples

role = Role.new("my-role", [Permissions.data("A", :read)])
Role.to_api(role)
# => %{"name" => "my-role", "permissions" => [%{"action" => "read_data", ...}]}