Module z_acl

Access control for Zotonic.

Copyright © 2010 Marc Worrell

Date: 2010-04-27

Authors: Marc Worrell (marc@worrell.nl).

Description

Access control for Zotonic. Interfaces to modules implementing the ACL events.

Function Index

anondo/1
anondo/2: Call a function as the anonymous user.
args_to_visible_for/1: Translate "visible_for" parameter to the appropriate visibility level.
cache_key/1: Return a term that can be used as the ACL part of a cache key.
can_see/1: Return the max visible_for the current user can see.
is_admin/1: Check if the current user is the admin or a sudo action.
is_allowed/3: Check if an action is allowed for the current actor.
logoff/1: Log off, reset the acl field of the context.
logon/2: Log on the user with the given id and fill the acl field of the context.
rsc_deletable/2: Check if the resource is deletable by the current user.
rsc_editable/2: Check if the resource is editable by the current user.
rsc_update_check/3: Filter the properties of an update.
rsc_visible/2: Check if the resource is visible for the current user.
set_visible_for/2: Set the acl fields of the context for the 'visible_for' setting.
sudo/1
sudo/2: Call a function with admin privileges.
user/1: Return the id of the current user.
wm_is_authorized/2: Convenience function: check if the current user has enough permissions; if not, redirect to the logon page.
wm_is_authorized/3
wm_is_authorized/4

Function Details

anondo/1

anondo(Context) -> any()

anondo/2

anondo(F::FuncDef, Context::#context{}) -> FuncResult

Call a function as the anonymous user.

args_to_visible_for/1

args_to_visible_for(Args::proplist()) -> 0 | 1 | 2 | 3

Translate "visible_for" parameter to the appropriate visibility level.

cache_key/1

cache_key(Context) -> term()

Return a term that can be used as the ACL part of a cache key.

can_see/1

can_see(Context) -> any()

Return the max visible_for the current user can see.

is_admin/1

is_admin(Context) -> any()

Check if the current user is the admin or a sudo action.

is_allowed/3

is_allowed(Action, Object, Context) -> any()

Check if an action is allowed for the current actor.

logoff/1

logoff(Context::#context{}) -> #context{}

Log off, reset the acl field of the context.

logon/2

logon(Id::integer(), Context::#context{}) -> #context{}

Log on the user with the given id and fill the acl field of the context.

rsc_deletable/2

rsc_deletable(Id, Context) -> any()

Check if the resource is deletable by the current user.

rsc_editable/2

rsc_editable(Id, Context) -> any()

Check if the resource is editable by the current user.

rsc_update_check/3

rsc_update_check(Id, Props, Context) -> any()

Filter the properties of an update. This is done before any escaping.

rsc_visible/2

rsc_visible(Id, Context) -> any()

Check if the resource is visible for the current user.

set_visible_for/2

set_visible_for(VisibleFor::integer(), Context::context()) -> context()

Set the acl fields of the context for the 'visible_for' setting. Used when rendering scomps.

sudo/1

sudo(Context) -> any()

sudo/2

sudo(F::FuncDef, Context::#context{}) -> FuncResult

Call a function with admin privileges.

user/1

user(Context) -> any()

Return the id of the current user.

wm_is_authorized/2

wm_is_authorized(Allowed, Context) -> any()

Convenience function: check if the current user has enough permissions; if not, redirect to the logon page.

wm_is_authorized/3

wm_is_authorized(ACLs, ReqData, Context) -> any()

wm_is_authorized/4

wm_is_authorized(Action, Object, ReqData, Context) -> any()


Generated by EDoc, Feb 25 2011, 21:14:41.