(is-allowed {{user :user} :session-data http-request :request :as state})
(is-allowed {{user :user} :session-data
roles :acl/roles
{method :request-method} :request
:as state}
{:keys [role privilege resource prefix] :as access})
Checks if the user is able to do an action on a resource. Returns xiana/ok when it is, and extends [:response-data :acl] with the :over of ownership check. When the user has no access, returns xiana/error or executes ((:or-else access) state) if it's provided. If any key is missing from 'access' it's resolved like:
req: | action: |
---|---|
:get | :read |
:post | :create |
:put | :update |
:delete | :delete |
Checks if the user is able to do an action on a resource. Returns xiana/ok when it is, and extends [:response-data :acl] with the :over of ownership check. When the user has no access, returns xiana/error or executes ((:or-else access) state) if it's provided. If any key is missing from 'access' it's resolved like: - role from user - resource from URI (/users/ -> "users") - and privilege from request method: |req: | action: | |------- |---------| |:get | :read | |:post | :create | |:put | :update | |:delete | :delete |
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close