Openmaize v0.10.0 Openmaize.AccessControl
Function plugs to handle authorization.
The functions in this module need to be run after the Openmaize.Authenticate
plug, as they use the current_user value in conn.assigns.
With all of these functions, if the current_user is nil, or if there is
any other error, the connection will be halted. If the redirects option
is set to true, which is the default, the user will be redirected to the
login page.
Functions
Verify that the user is authorized to access the requested page / resource.
This check is based on user role.
This function has two options:
- roles - a list of permitted roles
- redirects - if true, which is the default, redirect on login / logout
Examples with Phoenix
In the relevant controller.ex file:

    import Openmaize.AccessControl

Only allow users with the role “admin” to access the pages in that module:

    plug :authorize, roles: ["admin"]

Only allow users with the role “admin” to access the create and update pages (this means that the other pages are unprotected):

    plug :authorize, roles: ["admin"] when action in [:create, :update]

Allow users with the role “admin” or “user” to access pages, and set redirects to false:

    plug :authorize, roles: ["admin", "user"], redirects: false
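The following is an added example, not code from the Openmaize documentation. It shows a controller in which every action is covered by an authorize plug, so that an action guard does not leave other pages unprotected, with Openmaize.Authenticate placed in the router pipeline so it runs first. MyApp, PostController, the routes and the action bodies are hypothetical, and calling Openmaize.Authenticate without options is an assumption.

```elixir
# Added example: MyApp, PostController and the action bodies are hypothetical.
defmodule MyApp.Router do
  use MyApp.Web, :router

  pipeline :browser do
    plug :accepts, ["html"]
    # Assumption: invoked without options. It must run before any
    # authorize plug, because authorize reads conn.assigns.current_user.
    plug Openmaize.Authenticate
  end

  scope "/", MyApp do
    pipe_through :browser
    resources "/posts", PostController
  end
end

defmodule MyApp.PostController do
  use MyApp.Web, :controller
  import Openmaize.AccessControl

  # Read-only actions: either role may view.
  # The options are wrapped in brackets so the `when` guard attaches to
  # the plug call as a whole rather than to the last option value.
  plug :authorize, [roles: ["admin", "user"]] when action in [:index, :show]

  # Every other action is admin only. Guarding on the complement of the
  # list above means an action added later is admin-only by default,
  # instead of having no authorize plug at all.
  plug :authorize, [roles: ["admin"]] when not action in [:index, :show]

  def index(conn, _params), do: text(conn, "all posts")
  def show(conn, %{"id" => id}), do: text(conn, "post " <> id)
  def delete(conn, %{"id" => id}), do: text(conn, "deleted post " <> id)
end
```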
Verify that the user, based on the user id, is authorized to access the requested page / resource.
This function only checks that the user id is correct. You will
need to use the authorize plug to verify the user’s role.
This function has one option:
- redirects - if true, which is the default, redirect on login / logout