access_decision_manager v0.2.1 AccessDecisionManager.Voter behaviour
Voters must implement the Voter behavior, which means they have to implement a
vote
function.
All voters set in the config are called for every granted?
call.
If the attribute and subjects are not supported by the voter,
then return :access_abstain
.
defmodule Mypp.Auth.FooVoter do
@behaviour AccessDecisionManager.Voter
def vote(_primary_subject, _attribute, _secondary_subject), do :access_abstain
end
Link to this section Summary
Callbacks
This method does the actual voting
Link to this section Callbacks
Link to this callback
vote(subject, attribute, subject)
vote(subject :: struct(), attribute :: String.t(), subject :: struct()) :: :access_granted | :access_denied | :access_abstain
This method does the actual voting.
One of the following atoms must returned:
:access_granted
:access_denied
:access_abstain
Examples
Check a user’s permission to edit a blog post:
vote(current_user, "EDIT", blog)
Check a user’s permission to delete a blog post’s comments
vote(current_user, "DELETE_COMMENTS", blog)
Check if a user has a particular role:
vote(current_user, "ROLE_ADMIN", nil)
The attribute names are entirely arbitrary. Make them up to suit your needs!