aegis v0.1.0 Aegis.Controller View Source

Wraps controllers with Aegis authorization functionality.

Link to this section Summary

Functions

Allows another module to inherit Aegis.Controller methods

Authorizes a resource, for a user, for a given action, and marks the connection as having had aegis authorization perfomed via the assignment of a boolean value to aegis_auth_performed on the connection

Calls controller action and performs a check on the connection in order to determine whether or not Aegis authorization has been performed

Link to this section Functions

Link to this macro __using__(opts \\ []) View Source (macro)

Allows another module to inherit Aegis.Controller methods.

Options

  • except - list of actions to exclude from aegis authorization; defaults to an empty list

Examples:

For Phoenix applications:

defmodule MyApp.PuppyController do
  use MyApp, :controller
  use Aegis.Controller

  def current_user(conn) do
    conn.assigns[:user]
  end
end

if you want to allow some actions to skip authorization, just use the except option:

defmodule MyApp.Controller do
  use MyApp, :controller
  use Aegis.Controller, except: [:custom_action]

  def current_user(conn) do
    conn.assigns[:user]
  end
end
Link to this function authorized?(conn, user, resource, action) View Source
authorized?(Plug.Conn.t(), term(), term(), atom()) ::
  {:ok, Plug.Conn.t()} |
  {:error, :not_authorized}

Authorizes a resource, for a user, for a given action, and marks the connection as having had aegis authorization perfomed via the assignment of a boolean value to aegis_auth_performed on the connection.

Examples

defmodule Puppy do
  defstruct [id: nil, user_id: nil, hungry: false]
end

defmodule Puppy.Policy do
  @behaviour Aegis.Policy

  def authorize(_user, :index, _puppy), do: true
  def authorize(_user, :show, _puppy), do: false
end

iex> conn = %Plug.Conn{} iex> user = :user iex> resource = Puppy iex> action = :index iex> {:ok, conn} = Aegis.Controller.authorized?(conn, user, resource, action) iex> conn.private[:aegis_auth_performed] true

iex> conn = %Plug.Conn{} iex> user = :user iex> resource = Puppy iex> action = :show iex> {:error, :not_authorized} == Aegis.Controller.authorized?(conn, user, resource, action) true

Link to this function call_action_and_verify_authorized(mod, actn, conn, user) View Source

Calls controller action and performs a check on the connection in order to determine whether or not Aegis authorization has been performed.

Examples