AuthN v0.2.0 AuthZ.Authorizer behaviour View Source

Declares the authorize/3 callback to be implemented by context modules.

The authorize/3 function should receive an atom describing the action, the logged in user and the resource intended to be accessed; the function should return :ok in case the action is authorized, or a tuple containing :error as its first element and an atom describing the reason of unauthorized access as its second element (allowing to return different possible reasons of failure allows the controller for example to send more specific error messages to the logs or the view).

Example:

  defmodule MyApp.Post.Policy do
    use AuthZ.Authorizer

    alias MyApp.Accounts.User
    alias MyApp.Blog.Post

    @unauthorized {:error, :unauthorized}

    def authorize(:edit_question, %User{id: user_id}, %Post{author: user_id}) do
      :ok
    end

    def authorize(:edit_question, _, _) do
      @unauthorized
    end
  end

Using (use) this module injects the authorized?/3 function simply calling authorize/3 and returning a boolean instead of a tuple.

Link to this section Summary

Link to this section Callbacks

Link to this callback

authorize(atom, term, term)

View Source
authorize(atom(), term(), term()) :: :ok | {:error, atom()}