Helper functions for authorization in Phoenix controllers.
Functions
Authorize a user in a controller action. Raises UnauthorizedError if the user doesn't have permission.
Examples
def delete(conn, %{"id" => id}) do
  authorize!(conn, "collections.delete", scope: {:collection, id})
  # ... rest of the action
end
Check if the current user has a permission.
Examples
if can?(conn, "collections.update", scope: {:collection, id}) do
  # Show edit button
end
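To make the difference between the two helpers concrete, here is an added sketch that is not this library's code: a stand-in Demo.Authz module (hypothetical, as are Demo.UnauthorizedError, the grants list and the :global scope) that runs as a plain Elixir script with a map in place of the Plug connection. It shows deny-by-default, exact scope matching, and the raise that stops an action.

```elixir
# Stand-in model, not the library's implementation. Assumed: the current user
# is in conn.assigns.current_user and holds grants of the form
# {permission, scope}, where scope is :global or e.g. {:collection, id}.
defmodule Demo.UnauthorizedError do
  defexception [:permission, :scope, message: "unauthorized"]
end

defmodule Demo.Authz do
  alias Demo.UnauthorizedError

  # Boolean check, for presentation decisions such as showing a button.
  def can?(conn, permission, opts \\ []) do
    scope = Keyword.get(opts, :scope, :global)

    case conn.assigns[:current_user] do
      # No authenticated user: deny by default.
      nil -> false
      user -> Enum.any?(user.grants, &grant_covers?(&1, permission, scope))
    end
  end

  # Enforcing check: raises, so the rest of the action never runs on a denial.
  def authorize!(conn, permission, opts \\ []) do
    if can?(conn, permission, opts) do
      :ok
    else
      raise UnauthorizedError, permission: permission, scope: Keyword.get(opts, :scope, :global)
    end
  end

  # A global grant covers every scope; a scoped grant covers only its own scope.
  defp grant_covers?({perm, :global}, perm, _scope), do: true
  defp grant_covers?({perm, scope}, perm, scope), do: true
  defp grant_covers?(_grant, _perm, _scope), do: false
end

# Constructed sample: a user granted update on collection "7" only.
conn = %{assigns: %{current_user: %{grants: [{"collections.update", {:collection, "7"}}]}}}

true = Demo.Authz.can?(conn, "collections.update", scope: {:collection, "7"})
false = Demo.Authz.can?(conn, "collections.update", scope: {:collection, "8"})
false = Demo.Authz.can?(%{assigns: %{}}, "collections.update", scope: {:collection, "7"})

# Holding update does not imply delete: the enforcing check raises.
try do
  Demo.Authz.authorize!(conn, "collections.delete", scope: {:collection, "7"})
rescue
  e in Demo.UnauthorizedError -> IO.puts("denied: #{e.permission}")
end
```

In a controller, the action that performs the change should call authorize! itself, whether or not the template already hid the button with can?.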