ExCedar.Decision (ex_cedar v0.1.2)

Copy Markdown View Source

Authorization decision returned by ExCedar.Authorizer.authorize/4.

  • :allow — at least one permit policy matched and no forbid policy matched.
  • :deny — the default when no permit matched, or a forbid policy matched.
  • determining_policies — IDs of the policies that caused the outcome.
  • errors — per-policy evaluation errors (Cedar runtime errors, e.g. attribute access on an entity not in the store). The decision is still valid when this list is non-empty.

Summary

Types

t()

@type t() :: %ExCedar.Decision{
  decision: :allow | :deny,
  determining_policies: [String.t()],
  errors: [String.t()]
}