Canary.Plugs
Summary↑
authorize_resource(conn, opts) | Authorize the current user for the given resource |
load_and_authorize_resource(conn, opts) | Authorize the given resource and then load it if authorization succeeds |
load_resource(conn, opts) | Load the resource given by conn.params["id"] and ecto model given by opts[:model] into conn.assigns.loaded_resource |
Functions
Authorize the current user for the given resource.
In order to use this function, 1) conn.assigns.current_user must be the module name of an ecto model, and 2) conn.private must be a map.
If authorization succeeds, assign conn.assigns.authorized to true. If authorization fails, assign conn.assigns.authorized to false.
For the “index”, “new”, and “create” actions, the resource in the Canada.Can implementation should be the module name of the model rather than a struct.
For example: use def can?(%User{}, :index, Post), do: true instead of def can?(%User{}, :index, %Post{}), do: true
Authorize the given resource and then load it if authorization succeeds.
If the resource cannot be loaded or authorization fails, conn.assigns.loaded_resource is set to nil.
The result of the authorization (true/false) is assigned to conn.assigns.authorized.
Also, see the documentation for load_resource/2 and authorize_resource/2.
Load the resource given by conn.params["id"] and ecto model given by opts[:model] into conn.assigns.loaded_resource.
If the resource cannot be fetched, conn.assigns.load_resource is set to nil.
If the action is “index”, all records from the specified model will be loaded.
Currently, new and create actions are ignored, and conn.assigns.loaded_resource will be set to nil for these actions.