AbsinthePermission.Decision (AbsinthePermission v1.0.0)

Copy Markdown View Source

The result of evaluating all rules attached to a field.

Returned from AbsinthePermission.Evaluator.evaluate_pre/6 and emitted as the metadata payload of [:absinthe_permission, :decision] telemetry events. Useful for logging, audit trails, and tests.

Fields

  • :verdict:allow | :deny | :nullify | :filter

  • :reason — atom describing why; nil when allowed
  • :permission — the permission that was checked, when relevant
  • :field — the field identifier this decision is about
  • :matched_rules — rules whose condition fired
  • :loaded — map of name => record for any loaded data
  • :error_message — message to surface to the client when :verdict is :deny

Summary

Types

reason()
t()
verdict()

Functions

allow(opts \\ [])

Builds an :allow decision.

deny(opts \\ [])

Builds a :deny decision.

Types

reason()

@type reason() ::
  nil
  | :missing_permission
  | :condition_unmet
  | :no_rules
  | :load_failed
  | :evaluation_error

t()

@type t() :: %AbsinthePermission.Decision{
  error_message: binary() | nil,
  field: atom() | nil,
  loaded: %{required(atom()) => any()},
  matched_rules: [AbsinthePermission.Rule.t()],
  permission: binary() | nil,
  reason: reason(),
  verdict: verdict()
}

verdict()

@type verdict() :: :allow | :deny | :nullify | :filter

Functions

allow(opts \\ [])

@spec allow(keyword()) :: t()

Builds an :allow decision.

deny(opts \\ [])

@spec deny(keyword()) :: t()

Builds a :deny decision.