barrel_server_caps (barrel_server v1.0.1)

View Source

Per-route capability authorization for the agent-layer REST surface. The auth middleware only authenticates; each handler asks this module whether the presented bearer covers the space and right it is about to touch.

Three principals fall out of the bearer: - a capability token (bsp_...) is verified against the space with barrel_caps:verify/3 (wrong space and insufficient rights are 403s, a token dead since the middleware check is a 401); - any other bearer is a global token the middleware already validated: full access; - no bearer means the middleware is not installed (open mode): full access, matching the rest of the API.

Summary

Functions

The bearer must cover Right on SpaceId.

The route is global-only: capability tokens are denied whatever they grant (space creation, listing, dropping).

Functions

require(Req, SpaceId, Right)

-spec require(livery_req:req(), binary(), barrel_caps:right()) -> ok | {error, term()}.

The bearer must cover Right on SpaceId.

require_global(Req)

-spec require_global(livery_req:req()) -> ok | {error, forbidden}.

The route is global-only: capability tokens are denied whatever they grant (space creation, listing, dropping).