specomatic-db.access-control

Liking cljdoc? Tell your friends :D

Clojure only.

allowed-all?
allowed-condition?
allowed-some?
allowed?
check-query-arguments
concatenate-extra-conditions
conditions-snippet
ensure-views-exist!
etypes-extra-conditions
fields-allowed?
fields-extra-read-conditions
fields-forbidden-entities
forbidden-conditions
may-read-some?
root?
sufficient-predicates

Functions that provide all aspects of access control of specomatic.db: Permissions, access predicates and associated SQL views.

Functions that provide all aspects of access control of specomatic.db: Permissions, access predicates and associated SQL views.

raw docstring

allowed-all?^clj

(allowed-all? user verb etype)

Checks if the user can do what the verb describes with all entities of this type

Checks if the user can do what the verb describes with all entities of this type

source raw docstring

allowed-condition?^clj

(allowed-condition? schema condition permissions)

Checks if the condition is allowed.

Checks if the condition is allowed.

source raw docstring

allowed-some?^clj

(allowed-some? user verb etype)

Checks if the user can do what the verb describes with some entities of this type

Checks if the user can do what the verb describes with some entities of this type

source raw docstring

allowed?^clj

(allowed? user verb etype entity)

Checks if the user can do what the verb describes with this entity of this type

Checks if the user can do what the verb describes with this entity of this type

source raw docstring

check-query-arguments^clj

(check-query-arguments env fields conditions)

Returns true if arguments to specomation.core/query are allowed, throws exceptions if not.

Returns true if arguments to `specomation.core/query` are allowed, throws exceptions if not.

source raw docstring

concatenate-extra-conditions^clj

(concatenate-extra-conditions env fields conditions)

Appends extra conditions to conditions restricting read access according to access control permissions.

Appends extra conditions to `conditions` restricting read access according to access control permissions.

source raw docstring

conditions-snippet^clj

(conditions-snippet schema etypes permissions verb user-info)

Returns a snippet / sqlvec suitable for composing with a HugSQL statement

Returns a snippet / sqlvec suitable for composing with a HugSQL statement

source raw docstring

ensure-views-exist!^clj

(ensure-views-exist! db config)

Ensures an access control view exists in the database for every entity in the entity-schema and every predicate in predicates

Ensures an access control view exists in the database for every entity in the entity-schema and every predicate in predicates

source raw docstring

etypes-extra-conditions^clj

(etypes-extra-conditions schema
                         etypes
                         permissions
                         verb
                         {:keys [user-id user-etype]})

Returns a vector of extra HoneySQL conditions that need to be applied when retrieving the etypes for the user with user-id and permissions.

Returns a vector of extra HoneySQL conditions that need to be applied when retrieving the `etypes` for the user with `user-id` and `permissions`.

source raw docstring

fields-allowed?^clj

(fields-allowed? schema fields permissions)

Checks if the permissions give read access to all fields.

Checks if the `permissions` give read access to all `fields`.

source raw docstring

fields-extra-read-conditions^clj

(fields-extra-read-conditions schema fields permissions user-id user-etype)

Returns a sequence of extra HoneySQL conditions that need to be applied when retrieving the fields for the user with user-id and permissions.

Returns a sequence of extra HoneySQL conditions that need to be applied when retrieving the `fields` for the user with `user-id` and `permissions`.

source raw docstring

fields-forbidden-entities^clj

(fields-forbidden-entities schema fields permissions)

Returns the seql entities that occur in fields and are forbidden to read given the permissions.

Returns the seql entities that occur in `fields` and are forbidden to read given the `permissions`.

source raw docstring

forbidden-conditions^clj

(forbidden-conditions schema conditions permissions)

Returns a sequence of forbidden conditions in the HoneySQL conditions vector conditions (recursive), nil if none are forbidden.

Returns a sequence of forbidden conditions in the HoneySQL conditions vector `conditions` (recursive), nil if none are forbidden.

source raw docstring

may-read-some?^clj

(may-read-some? etype permissions)

Checks if the given permissions allow read access to some entities of this type

Checks if the given permissions allow read access to some entities of this type

source raw docstring

root?^clj

(root? user)

Checks if user is a root user.

Checks if `user` is a root user.

source raw docstring

sufficient-predicates^clj

(sufficient-predicates etype verb permissions)

Returns a set of predicates where if any one is true for an entity of this type then it may be verbed given the permissions

Returns a set of predicates where if any one is true for an entity of this type then it may be `verb`ed given the permissions

source raw docstring

cljdoc is a website building & hosting documentation for Clojure/Script libraries

Keyboard shortcuts Report a problem cljdoc on GitHub

× close