Module z_acl

Access control for Zotonic.

Copyright 2010-2013 Marc Worrell

Authors: Marc Worrell (marc@worrell.nl).

Description

Access control for Zotonic. Interfaces to modules implementing the ACL events.

Data Types

acl()

acl() = [operationrequest()]

action()

action() = atom()

object()

object() = m_rsc:resource()

operationrequest()

operationrequest() = {action(), object()}

Function Index

anondo/1
anondo/2: Call a function as the anonymous user.
args_to_visible_for/1: Translate "visible_for" parameter to the appropriate visibility level.
cache_key/1: Return a term that can be used as the ACL part of cache key.
can_see/1: Return the max visible_for the current user can see.
is_admin/1: Check if the current user is the admin or a sudo action.
is_allowed/3: Check if an action is allowed for the current actor.
logoff/1: Log off, reset the acl field of the context.
logon/2: Log the user with the id on, fill the acl field of the context.
logon_prefs/2: Log the user with the id on, fill acl and set all user preferences (like timezone and language).
maybe_allowed/3
rsc_deletable/2: Check if the resource is deletable by the current user.
rsc_editable/2: Check if the resource is editable by the current user.
rsc_prop_visible/3: Check if a property of the resource is visible for the current user.
rsc_update_check/3: Filter the properties of an update.
rsc_visible/2: Check if the resource is visible for the current user.
set_visible_for/2: Set the acl fields of the context for the 'visible_for' setting.
sudo/1
sudo/2: Call a function with admin privileges.
user/1: Return the id of the current user.
wm_is_authorized/2: Convenience function, check if the current user has enough permissions, if not then redirect to the logon page.
wm_is_authorized/3
wm_is_authorized/4
wm_is_authorized/5

Function Details

anondo/1

anondo(Context) -> any()

anondo/2

anondo(F::FuncDef, Context::#context{}) -> FuncResult

Call a function as the anonymous user.

args_to_visible_for/1

args_to_visible_for(Args::proplist()) -> 0 | 1 | 2 | 3

Translate "visible_for" parameter to the appropriate visibility level.

cache_key/1

cache_key(Context) -> term()

Return a term that can be used as the ACL part of cache key.

can_see/1

can_see(Context) -> any()

Return the max visible_for the current user can see.

is_admin/1

is_admin(Context) -> any()

Check if the current user is the admin or a sudo action.

is_allowed/3

is_allowed(Action::term(), Object::term(), Context::#context{}) -> true | false

Check if an action is allowed for the current actor.

logoff/1

logoff(Context::#context{}) -> #context{}

Log off, reset the acl field of the context.

logon/2

logon(Id::pos_integer(), Context::#context{}) -> #context{}

Log the user with the id on, fill the acl field of the context.

logon_prefs/2

logon_prefs(Id::pos_integer(), Context::#context{}) -> #context{}

Log the user with the id on, fill acl and set all user preferences (like timezone and language).

maybe_allowed/3

maybe_allowed(Action::term(), Object::term(), Context::#context{}) -> true | false | undefined

rsc_deletable/2

rsc_deletable(Id, Context) -> any()

Check if the resource is deletable by the current user.

rsc_editable/2

rsc_editable(Id, Context) -> any()

Check if the resource is editable by the current user.

rsc_prop_visible/3

rsc_prop_visible(Id, Property, Context) -> any()

Check if a property of the resource is visible for the current user.

rsc_update_check/3

rsc_update_check(Id, Props, Context) -> any()

Filter the properties of an update. This is before any escaping.

rsc_visible/2

rsc_visible(Id, Context) -> any()

Check if the resource is visible for the current user.

set_visible_for/2

set_visible_for(VisibleFor::integer(), Context::context()) -> context()

Set the acl fields of the context for the 'visible_for' setting. Used when rendering scomps.

sudo/1

sudo(Context) -> any()

sudo/2

sudo(F::FuncDef, Context::#context{}) -> FuncResult

Call a function with admin privileges.

user/1

user(Context) -> any()

Return the id of the current user.

wm_is_authorized/2

wm_is_authorized(ACLs::boolean() | acl(), Context::#context{}) -> webzmachine:reply()

Convenience function, check if the current user has enough permissions, if not then redirect to the logon page.

wm_is_authorized/3

wm_is_authorized(ACLs::boolean() | acl(), Redirect::Redirect | ReqData, Context::#context{}) -> webzmachine:reply()

wm_is_authorized/4

wm_is_authorized(Action::action(), Object::object(), ReqData::webzmachine:reqdata(), Context::#context{}) -> webzmachine:reply()

wm_is_authorized/5

wm_is_authorized(Action::action(), Object::object(), Redirect, ReqData, Context::#context{}) -> webzmachine:reply()
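
Usage sketch for maybe_allowed/3, sudo/2 and anondo/2, added here as an example; it is not code from Zotonic or from this module. The module name acl_guard_example and its three functions are hypothetical, and passing a fun of arity 1 as FuncDef is an assumption, since this page does not define that type.

```erlang
%% Added example; not part of the Zotonic source.
-module(acl_guard_example).
-export([authorize/3, checked_sudo/4, visible_to_anonymous/2]).

%% maybe_allowed/3 is specified as true | false | undefined.
%% Fail closed: only an explicit 'true' grants access.
-spec authorize(atom(), term(), term()) -> ok | {error, eacces}.
authorize(Action, Object, Context) ->
    case z_acl:maybe_allowed(Action, Object, Context) of
        true -> ok;
        false -> {error, eacces};
        undefined -> {error, eacces}
    end.

%% Authorize with the caller's own context first, then run Fun with
%% admin privileges. Fun receives the elevated context (assumption: a
%% fun of arity 1 is an accepted FuncDef for sudo/2). Never pass the
%% elevated context back to authorize/3: checks made with it describe
%% the admin, not the caller.
-spec checked_sudo(atom(), term(), fun((term()) -> R), term()) ->
        {ok, R} | {error, eacces}.
checked_sudo(Action, Object, Fun, Context) when is_function(Fun, 1) ->
    case authorize(Action, Object, Context) of
        ok -> {ok, z_acl:sudo(Fun, Context)};
        {error, _} = Error -> Error
    end.

%% Ask whether an anonymous visitor could see the resource, whoever is
%% logged on in Context. Useful before placing rendered output in a
%% cache shared between users.
-spec visible_to_anonymous(term(), term()) -> boolean().
visible_to_anonymous(Id, Context) ->
    true =:= z_acl:anondo(
        fun(AnonContext) -> z_acl:rsc_visible(Id, AnonContext) end,
        Context).
```

The Action argument is whatever atom the installed ACL modules understand; this page only specifies action() = atom().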


Generated by EDoc, Oct 22 2014, 21:45:06.