VoileWeb.Auth.GLAMAuthorization (Voile v0.1.27)

GLAM-specific authorization helpers for Gallery, Library, Archive, and Museum curators.

This module extends the base RBAC system to support GLAM-specific role checks where curators can only manage collections of their designated GLAM type.

Usage

# Check if user can manage a collection based on their curator role
can_manage_glam_collection?(user, collection)

# Get user's assigned GLAM types
get_user_glam_types(user)

# Check if user is a specific type of curator
is_librarian?(user)
is_archivist?(user)
is_gallery_curator?(user)
is_museum_curator?(user)

Summary

Functions

can_create_glam_collection?(user, glam_type)

Check if a user can create collections of a specific GLAM type.

can_manage_glam_collection?(user, collection)

Check if a user can manage a collection based on their GLAM curator role.

get_user_glam_types(user)

Get all GLAM types a user is authorized to manage based on their curator roles.

is_archivist?(user)

Check if user is an archivist (can manage Archive collections).

is_gallery_curator?(user)

Check if user is a gallery curator (can manage Gallery collections).

is_librarian?(user)

Check if user is a librarian (can manage Library collections).

is_museum_curator?(user)

Check if user is a museum curator (can manage Museum collections).

is_super_admin?(user)

Check if user is a super admin.

scope_collections_by_glam_role(query, user)

Filter collections query to only include collections the user can manage based on GLAM type.

Functions

can_create_glam_collection?(user, glam_type)

Check if a user can create collections of a specific GLAM type.

Examples

iex> can_create_glam_collection?(librarian, "Library")
true

iex> can_create_glam_collection?(librarian, "Museum")
false

can_manage_glam_collection?(user, collection)

Check if a user can manage a collection based on their GLAM curator role.

A curator can only manage collections of their designated GLAM type. Super admins can manage all collections.

Examples

iex> can_manage_glam_collection?(librarian_user, library_collection)
true

iex> can_manage_glam_collection?(librarian_user, museum_collection)
false

get_user_glam_types(user)

Get all GLAM types a user is authorized to manage based on their curator roles.

Returns a list of GLAM type strings: ["Library", "Archive", etc.]

Examples

iex> get_user_glam_types(user)
["Library", "Archive"]

is_archivist?(user)

Check if user is an archivist (can manage Archive collections).

is_gallery_curator?(user)

Check if user is a gallery curator (can manage Gallery collections).

is_librarian?(user)

Check if user is a librarian (can manage Library collections).

is_museum_curator?(user)

Check if user is a museum curator (can manage Museum collections).

is_super_admin?(user)

Check if user is a super admin.

scope_collections_by_glam_role(query, user)

Filter collections query to only include collections the user can manage based on GLAM type.

Examples

Collection
|> GLAMAuthorization.scope_collections_by_glam_role(user)
|> Repo.all()