Raxol.RBAC (Raxol v2.6.0)

View Source

Role-Based Access Control for Raxol.

Provides role definition and permission checking.

Example

Raxol.RBAC.define_role(:admin, [:read_all, :write_all, :delete_all])
Raxol.RBAC.define_role(:user, [:read_own, :write_own])

if Raxol.RBAC.can?(user, :delete_all) do
  delete_resource()
end

Summary

Functions

Assign a role to a user.

Check if a user has a specific permission.

Returns a specification to start this module under a supervisor.

Define a role with a list of permissions.

Get all permissions for a user.

Get all roles for a user.

Remove a role from a user.

Start the RBAC agent.

Functions

assign_role(user, role)

@spec assign_role(map() | String.t(), atom()) :: :ok

Assign a role to a user.

Example

Raxol.RBAC.assign_role(user, :admin)

can?(user, permission)

@spec can?(map() | String.t(), atom()) :: boolean()

Check if a user has a specific permission.

Example

if Raxol.RBAC.can?(user, :delete_all) do
  delete_resource()
end

child_spec(arg)

Returns a specification to start this module under a supervisor.

See Supervisor.

define_role(role, permissions)

@spec define_role(atom(), [atom()]) :: :ok

Define a role with a list of permissions.

Example

Raxol.RBAC.define_role(:admin, [:read_all, :write_all, :delete_all])

get_permissions(user)

@spec get_permissions(map() | String.t()) :: [atom()]

Get all permissions for a user.

Example

permissions = Raxol.RBAC.get_permissions(user)

get_roles(user)

@spec get_roles(map() | String.t()) :: [atom()]

Get all roles for a user.

Example

roles = Raxol.RBAC.get_roles(user)

remove_role(user, role)

@spec remove_role(map() | String.t(), atom()) :: :ok

Remove a role from a user.

Example

Raxol.RBAC.remove_role(user, :admin)

start_link(opts \\ [])

Start the RBAC agent.

Usually started automatically by the application supervisor.