PageRenderTime 29ms CodeModel.GetById 19ms app.highlight 8ms RepoModel.GetById 1ms app.codeStats 0ms

/modules/mod_acl_adminonly/mod_acl_adminonly.erl

https://code.google.com/p/zotonic/
Erlang | 97 lines | 61 code | 12 blank | 24 comment | 2 complexity | e7873ae0f91073bfb151bf50950ef305 MD5 | raw file
 1%% @author Marc Worrell <marc@worrell.nl>
 2%% @copyright 2010 Marc Worrell
 3%% Date: 2010-05-03
 4%% @doc Simple ACL module. Any user gets full admin privileges.  Useful for a simple site or blog.
 5
 6%% Copyright 2010 Marc Worrell
 7%%
 8%% Licensed under the Apache License, Version 2.0 (the "License");
 9%% you may not use this file except in compliance with the License.
10%% You may obtain a copy of the License at
11%% 
12%%     http://www.apache.org/licenses/LICENSE-2.0
13%% 
14%% Unless required by applicable law or agreed to in writing, software
15%% distributed under the License is distributed on an "AS IS" BASIS,
16%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17%% See the License for the specific language governing permissions and
18%% limitations under the License.
19
20-module(mod_acl_adminonly).
21-author("Marc Worrell <marc@worrell.nl>").
22
23-mod_title("ACL Admins Only").
24-mod_description("Simple access control module, all users are site administrators. Use this for a simple site.").
25-mod_prio(500).
26
27%% interface functions
28-export([
29    observe_acl_is_allowed/2,
30    observe_acl_can_see/2,
31    observe_acl_logon/2,
32    observe_acl_logoff/2,
33    observe_acl_rsc_update_check/3
34]).
35
36-include("zotonic.hrl").
37
38%% @doc Check if the user is allowed to perform Action on Object
39observe_acl_is_allowed({acl_is_allowed, view, Id}, #context{user_id=undefined} = Context) when is_integer(Id) ->
40	Acl = m_rsc:get_acl_props(Id, Context),
41    case Acl#acl_props.is_published of
42        false -> 
43            false;
44        true ->
45            case Acl#acl_props.visible_for == 0 of
46                false ->
47                    false;
48                true ->
49                    Date = calendar:local_time(),
50                    Acl#acl_props.publication_start =< Date andalso Acl#acl_props.publication_end >= Date
51            end
52    end;	
53observe_acl_is_allowed({acl_is_allowed, _Action, _Object}, #context{user_id=undefined}) ->
54	false;
55observe_acl_is_allowed({acl_is_allowed, update, Id}, Context) when is_integer(Id) ->
56	case m_rsc:p(Id, is_authoritative, Context) of
57		true -> true;
58		_ -> undefined
59	end;
60observe_acl_is_allowed({acl_is_allowed, _Action, _Object}, _Context) ->
61	true.
62
63%% @doc Return the max visible_for an user can see, used for pruning during searches
64observe_acl_can_see({acl_can_see, _Action, _Object}, #context{user_id=undefined}) ->
65	?ACL_VIS_PUBLIC;
66observe_acl_can_see({acl_can_see}, _Context) ->
67	?ACL_VIS_USER.
68	
69%% @doc Let the user log on, this is the moment to start caching information.
70observe_acl_logon({acl_logon, UserId}, Context) ->
71	Context#context{acl=?MODULE, user_id=UserId}.
72
73%% @doc Let the user log off, clean up any cached information.
74observe_acl_logoff({acl_logoff}, Context) ->
75	Context#context{acl=undefined, user_id=undefined}.
76
77%% @doc Filter the properties before an update. Return filtered/updated resource proplist or
78%% the tuple {error, Reason}
79observe_acl_rsc_update_check({acl_rsc_update_check, _Id}, {error, Reason}, _Context) ->
80	{error, Reason};
81observe_acl_rsc_update_check({acl_rsc_update_check, insert_rsc}, Props, _Context) ->
82	PropsPubl = case proplists:get_value(is_published, Props) of
83		undefined -> z_utils:prop_replace(is_published, false, Props);
84		_ -> Props
85	end,
86	PropsVis = case proplists:get_value(visible_for, PropsPubl) of
87		undefined -> z_utils:prop_replace(visible_for, ?ACL_VIS_PUBLIC, PropsPubl);
88		_ -> PropsPubl
89	end,
90	case proplists:get_value(is_authoritative, PropsVis) of
91		undefined -> z_utils:prop_replace(is_authoritative, true, PropsVis);
92		_ -> PropsVis
93	end;
94observe_acl_rsc_update_check({acl_rsc_update_check, _id}, Props, _Context) ->
95	Props.
96
97