Liking cljdoc? Tell your friends :D
Clojure only.
framework.acl.core
This package will be removed in the next version, use rbac instead
This package will be removed in the next version, use rbac instead
acl-restrictclj
(acl-restrict)(acl-restrict m)Access control layer interceptor. Enter: Lambda function checks access control. Leave: Lambda function place for tightening db query via provided owner-fn.
Access control layer interceptor. Enter: Lambda function checks access control. Leave: Lambda function place for tightening db query via provided owner-fn.
is-allowedclj
(is-allowed {{user :user} :session-data http-request :request :as state})(is-allowed {{user :user} :session-data
roles :acl/roles
{method :request-method} :request
:as state}
{:keys [role privilege resource prefix] :as access})Checks if the user is able to do an action on a resource. Returns xiana/ok when it is, and extends [:response-data :acl] with the :over of ownership check. When the user has no access, returns xiana/error or executes ((:or-else access) state) if it's provided. If any key is missing from 'access' it's resolved like:
- role from user
- resource from URI (/users/ -> "users")
- and privilege from request method:
| req: | action: |
|---|---|
| :get | :read |
| :post | :create |
| :put | :update |
| :delete | :delete |
Checks if the user is able to do an action on a resource. Returns xiana/ok when it is, and extends [:response-data :acl] with the :over of ownership check. When the user has no access, returns xiana/error or executes ((:or-else access) state) if it's provided. If any key is missing from 'access' it's resolved like: - role from user - resource from URI (/users/ -> "users") - and privilege from request method: |req: | action: | |------- |---------| |:get | :read | |:post | :create | |:put | :update | |:delete | :delete |
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close