/src/models/m_acl.erl
Erlang | 79 lines | 44 code | 10 blank | 25 comment | 7 complexity | 1c8269e5d263caf4ec10b7e1a9794706 MD5 | raw file
1%% @author Marc Worrell <marc@worrell.nl> 2%% @copyright 2009 Marc Worrell 3%% Date: 2009-04-27 4%% 5%% @doc Template access for access control functions and state 6 7%% Copyright 2009 Marc Worrell 8%% 9%% Licensed under the Apache License, Version 2.0 (the "License"); 10%% you may not use this file except in compliance with the License. 11%% You may obtain a copy of the License at 12%% 13%% http://www.apache.org/licenses/LICENSE-2.0 14%% 15%% Unless required by applicable law or agreed to in writing, software 16%% distributed under the License is distributed on an "AS IS" BASIS, 17%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 18%% See the License for the specific language governing permissions and 19%% limitations under the License. 20 21-module(m_acl). 22-author("Marc Worrell <marc@worrell.nl"). 23 24-behaviour(gen_model). 25 26%% interface functions 27-export([ 28 m_find_value/3, 29 m_to_list/2, 30 m_value/2 31]). 32 33-include_lib("zotonic.hrl"). 34 35 36%% @doc Fetch the value for the key from a model source 37%% @spec m_find_value(Key, Source, Context) -> term() 38m_find_value(user, #m{value=undefined}, Context) -> 39 z_acl:user(Context); 40m_find_value(is_admin, #m{value=undefined}, Context) -> 41 z_acl:is_admin(Context); 42m_find_value(authenticated, #m{value=undefined} = M, _Context) -> 43 M#m{value=authenticated}; 44m_find_value(Action, #m{value=Auth} = M, _Context) 45 when (Action == use orelse Action == admin orelse Action == view 46 orelse Action == delete orelse Action == update orelse Action == insert 47 orelse Action == link), (Auth =:= undefined orelse Auth =:= authenticated) -> 48 M#m{value={is_allowed, Action, Auth}}; 49m_find_value(is_allowed, #m{value=Auth} = M, _Context) when Auth =:= undefined; Auth =:= authenticated -> 50 M#m{value={is_allowed, Auth}}; 51m_find_value(Action, #m{value={is_allowed, Auth}} = M, _Context) -> 52 M#m{value={is_allowed, Action, Auth}}; 53m_find_value(Object, #m{value={is_allowed, Action, authenticated}}, Context) when is_binary(Object) -> 54 Context1 = case z_notifier:first(#acl_context_authenticated{}, Context) of 55 undefined -> Context; 56 Ctx -> Ctx 57 end, 58 z_acl:is_allowed(Action, z_convert:to_atom(Object), Context1); 59m_find_value(Object, #m{value={is_allowed, Action, undefined}}, Context) when is_binary(Object) -> 60 z_acl:is_allowed(Action, z_convert:to_atom(Object), Context); 61m_find_value(Object, #m{value={is_allowed, Action, authenticated}}, Context) -> 62 Context1 = case z_notifier:first(#acl_context_authenticated{}, Context) of 63 undefined -> Context; 64 Ctx -> Ctx 65 end, 66 z_acl:is_allowed(Action, Object, Context1); 67m_find_value(Object, #m{value={is_allowed, Action, undefined}}, Context) -> 68 z_acl:is_allowed(Action, Object, Context). 69 70 71%% @doc Transform a m_config value to a list, used for template loops 72%% @spec m_to_list(Source, Context) -> List 73m_to_list(_, _Context) -> 74 []. 75 76%% @doc Transform a model value so that it can be formatted or piped through filters 77%% @spec m_value(Source, Context) -> term() 78m_value(#m{value=undefined}, _Context) -> 79 undefined.