terminator v0.2.0 Terminator View Source

Main Terminator module for including macros

Terminator has 3 main components:

Relations between models

Terminator.Performer -> Terminator.Ability [1-n] - Any given performer can hold multiple abilities this allows you to have very granular set of abilities per each performer

Terminator.Performer -> Terminator.Role [1-n] - Any given performer can act as multiple roles this allows you to manage multple sets of abilities for multiple performers at once

Terminator.Role -> Terminator.Ability [m-n] - Any role can have multiple abilities therefore you can have multiple roles to have different/same abilities

Calculating abilities

Calculation of abilities is done by OR and DISTINCT abilities. That means if you have

Role[:admin, abilities: [:delete]], Role[:editor, abilities: [:update]], Role[:user, abilities: [:view]] and all roles are granted to single performer, resulting abilities will be [:delete, :update, :view]

Available permissions

Link to this section Summary

Functions

Macro for wrapping protected code

Requires an ability within permissions block

Requires a role within permissions block

Returns authorization result on collected performer and required roles/abilities

Macro for defining required permissions

Link to this section Functions

Link to this macro

as_authorized(list) View Source (macro)

Macro for wrapping protected code

Example

defmodule HelloTest do
  use Terminator

  def test_authorization do
    as_authorized do
      IO.inspect("This code is executed only for authorized performer")
    end
  end
end
Link to this function

has_ability(ability) View Source
has_ability(atom()) :: {:ok, any()}

Requires an ability within permissions block

Example

defmodule HelloTest do
  use Terminator

  def test_authorization do
    permissions do
      has_ability(:can_run_test_authorization)
    end
  end
end
Link to this function

has_role(role) View Source
has_role(atom()) :: {:ok, any()}

Requires a role within permissions block

Example

defmodule HelloTest do
  use Terminator

  def test_authorization do
    permissions do
      has_role(:admin)
    end
  end
end
Link to this function

is_authorized?() View Source
is_authorized?() :: :ok | {:error, String.t()}

Returns authorization result on collected performer and required roles/abilities

Example

defmodule HelloTest do
  use Terminator

  def test_authorization do
    case is_authorized? do
      :ok -> "Performer is authorized"
      {:error, message: _message} -> "Performer is not authorized"
  end
end
Link to this macro

permissions(list) View Source (macro)

Macro for defining required permissions

Example

defmodule HelloTest do
  use Terminator

  def test_authorization do
    permissions do
      has_role(:admin)
      has_ability(:view)
    end
  end
end