AuthN v0.2.0 AuthZ.Authorizer behaviour
Declares the authorize/3 callback to be implemented by context modules.
The authorize/3 function should receive an atom describing the action, the logged-in user and the resource to be accessed. It should return :ok when the action is authorized, or a tuple containing :error as its first element and an atom describing the reason for the refusal as its second element. Returning distinct failure reasons allows the controller, for example, to send more specific error messages to the logs or the view.
Example:
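    defmodule MyApp.Post.Policy do
      use AuthZ.Authorizer

      alias MyApp.Accounts.User
      alias MyApp.Blog.Post

      @unauthorized {:error, :unauthorized}

      # Authorized only when the post's author is the logged-in user's id
      # (the same variable appears in both patterns, so both must be equal).
      def authorize(:edit_question, %User{id: user_id}, %Post{author: user_id}) do
        :ok
      end

      # Every other user/post combination is refused.
      def authorize(:edit_question, _, _) do
        @unauthorized
      end
    end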
Using (use) this module injects the authorized?/3 function, which simply calls authorize/3 and returns a boolean instead of a tuple.
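The following added example (not part of the library or its documentation) shows a policy that returns distinct refusal reasons and a caller that turns them into log lines and responses. The Demo.* modules, the :edit_post action and the reason atoms are hypothetical, and authorized?/3 is written by hand so the script runs without the dependency.

```elixir
defmodule Demo.User do
  defstruct [:id, role: :member]
end

defmodule Demo.Post do
  defstruct [:author, locked: false]
end

defmodule Demo.Post.Policy do
  # A project using the library would `use AuthZ.Authorizer` here; authorized?/3
  # is hand-written below so this script runs without the dependency.
  alias Demo.{Post, User}

  def authorize(:edit_post, %User{role: :admin}, %Post{}), do: :ok
  def authorize(:edit_post, %User{}, %Post{locked: true}), do: {:error, :post_locked}
  # The guard stops a user with a nil id from matching a post with a nil author.
  def authorize(:edit_post, %User{id: id}, %Post{author: id}) when not is_nil(id), do: :ok
  def authorize(:edit_post, %User{}, %Post{}), do: {:error, :not_author}
  # Fail closed: unknown action, nil user, or unexpected resource.
  def authorize(_action, _user, _resource), do: {:error, :unauthorized}

  def authorized?(action, user, resource), do: authorize(action, user, resource) == :ok
end

defmodule Demo.Controller do
  alias Demo.Post.Policy

  # The detailed reason goes to the log; the client sees only what it needs.
  def update(user, post) do
    case Policy.authorize(:edit_post, user, post) do
      :ok -> {200, "updated"}
      {:error, :post_locked} -> deny(403, "post is locked", :post_locked, user)
      {:error, reason} -> deny(403, "forbidden", reason, user)
    end
  end

  defp deny(status, body, reason, user) do
    IO.puts(:stderr, "edit_post denied reason=#{reason} user=#{inspect(user && user.id)}")
    {status, body}
  end
end

# Constructed sample data.
post = %Demo.Post{author: 1}
IO.inspect(Demo.Controller.update(%Demo.User{id: 1}, post))
IO.inspect(Demo.Controller.update(%Demo.User{id: 2}, post))
IO.inspect(Demo.Controller.update(nil, post))
IO.inspect(Demo.Controller.update(%Demo.User{}, %Demo.Post{}))
IO.inspect(Demo.Post.Policy.authorized?(:delete_post, %Demo.User{id: 1}, post))
```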