z_acl (zotonic_core v1.0.0-rc.17)
Access control for Zotonic. Interfaces to modules implementing the ACL events.
Summary
Functions
Make the context an anymous context by stripping the acl and user from the context.
Call a function as the anonymous user. The acl and user is removed from the context. If the function is a MFA then the anonymous context is added as the last argument.
Return a term that can be used as the ACL part of cache key.
Flush the memo cache of ACL lookups for the given resource id.
Check if the current user is an admin or a sudo action
Check if an admin is logged on and the read only flag is not set. Exception for sudo, where updates are always allowed.
Check if an action is allowed for the current actor. If the ACL is inconclusive and returns 'undefined' then the action is not allowed.
Check if it is allowed to create an edge between the subject and object using the predicate.
Check if an action on a property of a resource is allowed for the current actor. If the ACL is inconclusive and returns 'undefined' then the property is assumed to be visible. This is different then the is_allowed for resources, where an inconclusive answer is assumed to be that the resource is not visible.
Check if the current access permissions are set to read-only. This is an authorization option for the current z.auth cookie or bearer token.
Check if the current context acl is set using a sudo.
Log off, reset the acl field of the context. Call the #acl_logoff notification if a user is defined. This allows the ACL module to make adjustments to the context.
Set the context to the user's context, with the given user id and the access permissions of the user. Note that the user's preferences are not set, use logon_prefs/2 to set those.
Set the context to the user's context, with the given user id and the access permissions of the user. The options are passed to the ACL module. Check the selected ACL module(s) for supported options. Note that the user's preferences are not set, use logon_prefs/3 to set those.
Log the user with the id on, fill acl and set all user preferences (like timezone and language)
Log the user with the id on, fill acl and set all user preferences (like timezone and language). The options are passed to the ACL module. Check the selected ACL module(s) for supported options.
Refresh the authentication of the current user
Check if an action is allowed for the current actor. Can return an inconclusive answer with 'undefined'. The caller has then to decide what to do.
Check if a resource can be deleted by the current user. Non existing resources are not deletable.
Check if a resource can be edited by the current user. Non existing resources are not editable.
Check if an connection can be added to the resource. Returns true if the ACL allows adding a 'relation' edge from the resource to itself.
Check if a property of the resource is visible for the current user. If the resource does not exist then the peoperty is visible.
Check if a resource is visible for the current user. Non existing resources are visible.
Set the current context to read only. Models can use this state to prevent updates to data.
Return a context with sudo permissions set. The user of the context stays the same, except when there is ACL set, then the user is set to the id of the admin user (1).
Call a function with admin privileges. If the function is a MFA then the sudo-context is appended to the argument list as the last function argument.
Return the id of the user that originally logged in, irrespective of the user that was switched to. If there is no sudo user id then the current user id is returned.
Return the id of the current user.
Return the list of user groups the current context is member of.
Types
-type acl() :: [operationrequest()].
-type action() :: use | admin | view | insert | update | delete | link | atom().
-type maybe_boolean() :: undefined | boolean().
-type object() :: m_rsc:resource() | #acl_rsc{id :: m_rsc:resource_id() | undefined, category :: atom(), props :: map()} | #acl_edge{subject_id :: m_rsc:resource(), predicate :: pos_integer() | atom(), object_id :: m_rsc:resource()} | #acl_media{mime :: binary(), size :: undefined | non_neg_integer()} | any().
Functions
Make the context an anymous context by stripping the acl and user from the context.
-spec anondo(Fun, Context) -> Value when Fun :: {module(), atom()} | mfa() | fun((AnonContext) -> any()), Context :: z:context(), AnonContext :: z:context(), Value :: any().
Call a function as the anonymous user. The acl and user is removed from the context. If the function is a MFA then the anonymous context is added as the last argument.
-spec cache_key(z:context()) -> {m_rsc:resource_id() | undefined, any()}.
Return a term that can be used as the ACL part of cache key.
-spec flush(Id) -> ok when Id :: m_rsc:resource_id().
Flush the memo cache of ACL lookups for the given resource id.
Check if the current user is an admin or a sudo action
Check if an admin is logged on and the read only flag is not set. Exception for sudo, where updates are always allowed.
-spec is_allowed(Action, Object, Context) -> IsAllowed when Action :: action(), Object :: object(), Context :: z:context(), IsAllowed :: boolean().
Check if an action is allowed for the current actor. If the ACL is inconclusive and returns 'undefined' then the action is not allowed.
-spec is_allowed_link(Subject, Predicate, Object, Context) -> boolean() when Subject :: m_rsc:resource(), Predicate :: m_rsc:resource(), Object :: m_rsc:resource(), Context :: z:context().
Check if it is allowed to create an edge between the subject and object using the predicate.
-spec is_allowed_prop(Action, Object, Property, Context) -> IsAllowed when Action :: action(), Object :: object(), Property :: atom() | binary(), Context :: z:context(), IsAllowed :: true | false.
Check if an action on a property of a resource is allowed for the current actor. If the ACL is inconclusive and returns 'undefined' then the property is assumed to be visible. This is different then the is_allowed for resources, where an inconclusive answer is assumed to be that the resource is not visible.
Check if the current access permissions are set to read-only. This is an authorization option for the current z.auth cookie or bearer token.
Check if the current context acl is set using a sudo.
-spec logoff(UserContext) -> AnonContext when UserContext :: z:context(), AnonContext :: z:context().
Log off, reset the acl field of the context. Call the #acl_logoff notification if a user is defined. This allows the ACL module to make adjustments to the context.
-spec logon(User, Context) -> UserContext when User :: m_rsc:resource(), Context :: z:context(), UserContext :: z:context().
Set the context to the user's context, with the given user id and the access permissions of the user. Note that the user's preferences are not set, use logon_prefs/2 to set those.
-spec logon(User, Options, Context) -> UserContext when User :: m_rsc:resource(), Options :: map(), Context :: z:context(), UserContext :: z:context().
Set the context to the user's context, with the given user id and the access permissions of the user. The options are passed to the ACL module. Check the selected ACL module(s) for supported options. Note that the user's preferences are not set, use logon_prefs/3 to set those.
-spec logon_prefs(User, Context) -> UserContext when User :: m_rsc:resource_id(), Context :: z:context(), UserContext :: z:context().
Log the user with the id on, fill acl and set all user preferences (like timezone and language)
-spec logon_prefs(User, Options, Context) -> UserContext when User :: m_rsc:resource(), Options :: map(), Context :: z:context(), UserContext :: z:context().
Log the user with the id on, fill acl and set all user preferences (like timezone and language). The options are passed to the ACL module. Check the selected ACL module(s) for supported options.
Refresh the authentication of the current user
-spec maybe_allowed(Action, Object, Context) -> MaybeIsAllowed when Action :: action(), Object :: object(), Context :: z:context(), MaybeIsAllowed :: maybe_boolean().
Check if an action is allowed for the current actor. Can return an inconclusive answer with 'undefined'. The caller has then to decide what to do.
-spec rsc_deletable(m_rsc:resource(), z:context()) -> boolean().
Check if a resource can be deleted by the current user. Non existing resources are not deletable.
-spec rsc_editable(m_rsc:resource(), z:context()) -> boolean().
Check if a resource can be edited by the current user. Non existing resources are not editable.
-spec rsc_linkable(m_rsc:resource(), z:context()) -> boolean().
Check if an connection can be added to the resource. Returns true if the ACL allows adding a 'relation' edge from the resource to itself.
-spec rsc_prop_visible(Resource, Property, Context) -> IsVisible when Resource :: m_rsc:resource(), Property :: atom() | binary(), Context :: z:context(), IsVisible :: boolean().
Check if a property of the resource is visible for the current user. If the resource does not exist then the peoperty is visible.
-spec rsc_visible(m_rsc:resource(), z:context()) -> boolean().
Check if a resource is visible for the current user. Non existing resources are visible.
Set the current context to read only. Models can use this state to prevent updates to data.
-spec sudo(ContextOrSite) -> SudoContext when ContextOrSite :: z:context() | atom(), SudoContext :: z:context().
Return a context with sudo permissions set. The user of the context stays the same, except when there is ACL set, then the user is set to the id of the admin user (1).
-spec sudo(Fun, ContextOrSite) -> Value when Fun :: {module(), atom()} | mfa() | fun((SudoContext) -> any()), ContextOrSite :: z:context() | atom(), SudoContext :: z:context(), Value :: any().
Call a function with admin privileges. If the function is a MFA then the sudo-context is appended to the argument list as the last function argument.
-spec sudo_user(z:context()) -> m_rsc:resource_id() | undefined.
Return the id of the user that originally logged in, irrespective of the user that was switched to. If there is no sudo user id then the current user id is returned.
-spec user(z:context()) -> m_rsc:resource_id() | undefined.
Return the id of the current user.
-spec user_groups(z:context()) -> [m_rsc:resource_id()].
Return the list of user groups the current context is member of.