cerber.impl.roles
populate-roles-and-permissionsclj
(populate-roles-and-permissions subject client roles-mapping transitions)Updates subject's roles and permissions according to following rules:
-
if a client is given (which assumes client-originated request) roles are calculated based on client's scopes-to-roles transitions map intersected with subject's own roles. Next, based on resulting roles, permissions are calculated and assigned finally to subject.
-
if no client is given (which assumes user-originated request) subject's roles stay untouched. Permissions are being calculated and merged with own subject's ones (if any).
General idea behind these two rules is: when client's scopes are available use them to deduce roles and permissions, otherwise use subject's own roles to calculate final permissions.
Updates subject's roles and permissions according to following rules: - if a client is given (which assumes client-originated request) roles are calculated based on client's scopes-to-roles transitions map intersected with subject's own roles. Next, based on resulting roles, permissions are calculated and assigned finally to subject. - if no client is given (which assumes user-originated request) subject's roles stay untouched. Permissions are being calculated and merged with own subject's ones (if any). General idea behind these two rules is: when client's scopes are available use them to deduce roles and permissions, otherwise use subject's own roles to calculate final permissions.
roles->permissions*clj
(roles->permissions* roles roles-mapping)Unrolls roles into corresponding set of permissions.
Unrolls roles into corresponding set of permissions.
unroll-rolesclj
(unroll-roles roles-mapping)Walks through roles-mapping unrolling every nested
role with flat set of permissions.
Walks through `roles-mapping` unrolling every nested role with flat set of permissions.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close