View Source Lightning.Policies.Users (Lightning v2.10.4)

The Bodyguard Policy module for users roles.

Summary

Types

actions()

Functions

authorize(action, authenticated_user, account_user)

authorize/3 takes an action, a user, and a project. It checks the user's role for this project and returns true if the user can perform the action and false if they cannot.

Types

Link to this type

actions()

View Source 
@type actions() ::
  :access_admin_space | :edit_credential | :delete_credential | :delete_account

Functions

Link to this function

authorize(action, authenticated_user, account_user)

View Source 
@spec authorize(actions(), Lightning.Accounts.User.t(), any()) :: boolean()

authorize/3 takes an action, a user, and a project. It checks the user's role for this project and returns true if the user can perform the action and false if they cannot.

Note that permissions are grouped by action.

We deny by default, so if a user's role is not added to the allow roles list for a particular action they are denied.