Voile.Catalog.AttachmentAccess (Voile v0.1.23)

Copy Markdown View Source

Context module for handling attachment access control. Provides functions to check permissions, manage access lists, and handle embargos.

Summary

Functions

accessible_by(query, user \\ nil)

Filter a query to only return attachments accessible by the user. Useful for listing attachments with proper access control.

bulk_grant_role_access(attachment_ids, role_id)

Bulk grant role access to multiple attachments.

bulk_grant_user_access(attachment_ids, user_id, granted_by_user_id)

Bulk grant user access to multiple attachments.

can_access?(attachment, user \\ nil)

Check if a user can access an attachment based on

get_access_summary(attachment)

Get access summary for an attachment. Returns a map with access control details.

grant_role_access(attachment_id, role_id)

Grant role-based access to an attachment.

grant_user_access(attachment_id, user_id, granted_by_user_id)

Grant user-specific access to an attachment.

has_limited_access?(attachment, user)

Check if user has limited access to an attachment. This checks both role-based and user-specific access.

is_embargo_passed?(attachment, current_datetime \\ nil)

Check if embargo period has passed for an attachment. Returns true if the attachment is accessible based on embargo dates.

is_super_admin?(user)

Check if user is a super admin.

list_allowed_roles(attachment_id)

List all roles that have access to an attachment.

list_allowed_users(attachment_id)

List all users that have specific access to an attachment.

revoke_role_access(attachment_id, role_id)

Revoke role-based access from an attachment.

revoke_user_access(attachment_id, user_id)

Revoke user-specific access from an attachment.

update_access_control(attachment, attrs, user)

Update access control settings for an attachment.

Functions

accessible_by(query, user \\ nil)

Filter a query to only return attachments accessible by the user. Useful for listing attachments with proper access control.

bulk_grant_role_access(attachment_ids, role_id)

Bulk grant role access to multiple attachments.

bulk_grant_user_access(attachment_ids, user_id, granted_by_user_id)

Bulk grant user access to multiple attachments.

can_access?(attachment, user \\ nil)

Check if a user can access an attachment based on:

  • Access level (public, limited, restricted)
  • Embargo dates
  • Role-based access
  • User-specific access
  • Super admin override

Examples

iex> can_access?(attachment, user)
true

iex> can_access?(attachment, nil)
false  # For restricted content

get_access_summary(attachment)

Get access summary for an attachment. Returns a map with access control details.

grant_role_access(attachment_id, role_id)

Grant role-based access to an attachment.

grant_user_access(attachment_id, user_id, granted_by_user_id)

Grant user-specific access to an attachment.

has_limited_access?(attachment, user)

Check if user has limited access to an attachment. This checks both role-based and user-specific access.

is_embargo_passed?(attachment, current_datetime \\ nil)

Check if embargo period has passed for an attachment. Returns true if the attachment is accessible based on embargo dates.

is_super_admin?(user)

Check if user is a super admin.

list_allowed_roles(attachment_id)

List all roles that have access to an attachment.

list_allowed_users(attachment_id)

List all users that have specific access to an attachment.

revoke_role_access(attachment_id, role_id)

Revoke role-based access from an attachment.

revoke_user_access(attachment_id, user_id)

Revoke user-specific access from an attachment.

update_access_control(attachment, attrs, user)

Update access control settings for an attachment.