bodyguard v0.6.0 Bodyguard.Policy behaviour

Behaviour to authorize actions on a particular resource.

Implement this behaviour for each schema that will be authorized.

Bodyguard expects this module to be defined at MySchema.Policy unless specified otherwise.

Summary

Callbacks

can?(user, action, schema): Authorize a user’s ability to perform an action on a particular resource

permitted_attributes(user, schema): Specify which schema attributes a user can modify

scope(user, action, scope): Specify which resources a user can access

Callbacks

can?(user, action, schema)
can?(user :: term, action :: atom, schema :: term) ::
  boolean |
  :ok |
  :error |
  {:error, reason :: term}

Authorize a user’s ability to perform an action on a particular resource.

To authorize an action, return true or :ok.

To deny authorization, return false, :error, or {:error, reason}.

permitted_attributes(user, schema)
permitted_attributes(user :: term, schema :: term) :: [atom]

Specify which schema attributes a user can modify.

scope(user, action, scope)
scope(user :: term, action :: atom, scope :: term) :: term

Specify which resources a user can access.

The result should be a subset of the scope argument.
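
The following policy is an added example, not code from the Bodyguard documentation. It implements all three callbacks with a default-deny fallthrough clause for each. The MyApp.User and MyApp.Post structs, the role values and the action names are hypothetical, and plain structs and a list stand in for Ecto schemas and queries.

```elixir
defmodule MyApp.User do
  # Hypothetical user struct; :role is an assumed field.
  defstruct [:id, role: :member]
end

defmodule MyApp.Post do
  # Hypothetical resource struct.
  defstruct [:id, :author_id, :title, :body, published: false]
end

# Defined at MySchema.Policy, the location Bodyguard expects by default.
defmodule MyApp.Post.Policy do
  @behaviour Bodyguard.Policy

  alias MyApp.{Post, User}

  # Admins may perform any action.
  def can?(%User{role: :admin}, _action, _post), do: true

  # Any signed-in user may read a published post.
  def can?(%User{}, :show, %Post{published: true}), do: :ok

  # Authors may read, update and delete their own posts. The nil guard stops
  # an unsaved user (id: nil) from matching a post whose author_id is nil.
  def can?(%User{id: id}, action, %Post{author_id: id})
      when not is_nil(id) and action in [:show, :update, :delete],
      do: :ok

  # Default deny: anonymous users (nil), unknown actions, everything else.
  def can?(_user, _action, _post), do: {:error, :unauthorized}

  # Only admins may change :published or reassign :author_id.
  def permitted_attributes(%User{role: :admin}, _post),
    do: [:title, :body, :published, :author_id]

  def permitted_attributes(%User{id: id}, %Post{author_id: id}) when not is_nil(id),
    do: [:title, :body]

  def permitted_attributes(_user, _post), do: []

  # Each clause returns a subset of the scope it was given.
  def scope(%User{role: :admin}, _action, posts), do: posts

  def scope(%User{id: id}, :index, posts) when not is_nil(id),
    do: Enum.filter(posts, &(&1.published or &1.author_id == id))

  def scope(_user, _action, _posts), do: []
end
```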