/modules/mod_acl_adminonly/mod_acl_adminonly.erl

https://code.google.com/p/zotonic/ · Erlang · 97 lines · 61 code · 12 blank · 24 comment · 2 complexity · e7873ae0f91073bfb151bf50950ef305 MD5 · raw file

  1. %% @author Marc Worrell <marc@worrell.nl>
  2. %% @copyright 2010 Marc Worrell
  3. %% Date: 2010-05-03
  4. %% @doc Simple ACL module. Any user gets full admin privileges. Useful for a simple site or blog.
  5. %% Copyright 2010 Marc Worrell
  6. %%
  7. %% Licensed under the Apache License, Version 2.0 (the "License");
  8. %% you may not use this file except in compliance with the License.
  9. %% You may obtain a copy of the License at
  10. %%
  11. %% http://www.apache.org/licenses/LICENSE-2.0
  12. %%
  13. %% Unless required by applicable law or agreed to in writing, software
  14. %% distributed under the License is distributed on an "AS IS" BASIS,
  15. %% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16. %% See the License for the specific language governing permissions and
  17. %% limitations under the License.
  18. -module(mod_acl_adminonly).
  19. -author("Marc Worrell <marc@worrell.nl>").
  20. -mod_title("ACL Admins Only").
  21. -mod_description("Simple access control module, all users are site administrators. Use this for a simple site.").
  22. -mod_prio(500).
  23. %% interface functions
  24. -export([
  25. observe_acl_is_allowed/2,
  26. observe_acl_can_see/2,
  27. observe_acl_logon/2,
  28. observe_acl_logoff/2,
  29. observe_acl_rsc_update_check/3
  30. ]).
  31. -include("zotonic.hrl").
  32. %% @doc Check if the user is allowed to perform Action on Object
  33. observe_acl_is_allowed({acl_is_allowed, view, Id}, #context{user_id=undefined} = Context) when is_integer(Id) ->
  34. Acl = m_rsc:get_acl_props(Id, Context),
  35. case Acl#acl_props.is_published of
  36. false ->
  37. false;
  38. true ->
  39. case Acl#acl_props.visible_for == 0 of
  40. false ->
  41. false;
  42. true ->
  43. Date = calendar:local_time(),
  44. Acl#acl_props.publication_start =< Date andalso Acl#acl_props.publication_end >= Date
  45. end
  46. end;
  47. observe_acl_is_allowed({acl_is_allowed, _Action, _Object}, #context{user_id=undefined}) ->
  48. false;
  49. observe_acl_is_allowed({acl_is_allowed, update, Id}, Context) when is_integer(Id) ->
  50. case m_rsc:p(Id, is_authoritative, Context) of
  51. true -> true;
  52. _ -> undefined
  53. end;
  54. observe_acl_is_allowed({acl_is_allowed, _Action, _Object}, _Context) ->
  55. true.
  56. %% @doc Return the max visible_for an user can see, used for pruning during searches
  57. observe_acl_can_see({acl_can_see, _Action, _Object}, #context{user_id=undefined}) ->
  58. ?ACL_VIS_PUBLIC;
  59. observe_acl_can_see({acl_can_see}, _Context) ->
  60. ?ACL_VIS_USER.
  61. %% @doc Let the user log on, this is the moment to start caching information.
  62. observe_acl_logon({acl_logon, UserId}, Context) ->
  63. Context#context{acl=?MODULE, user_id=UserId}.
  64. %% @doc Let the user log off, clean up any cached information.
  65. observe_acl_logoff({acl_logoff}, Context) ->
  66. Context#context{acl=undefined, user_id=undefined}.
  67. %% @doc Filter the properties before an update. Return filtered/updated resource proplist or
  68. %% the tuple {error, Reason}
  69. observe_acl_rsc_update_check({acl_rsc_update_check, _Id}, {error, Reason}, _Context) ->
  70. {error, Reason};
  71. observe_acl_rsc_update_check({acl_rsc_update_check, insert_rsc}, Props, _Context) ->
  72. PropsPubl = case proplists:get_value(is_published, Props) of
  73. undefined -> z_utils:prop_replace(is_published, false, Props);
  74. _ -> Props
  75. end,
  76. PropsVis = case proplists:get_value(visible_for, PropsPubl) of
  77. undefined -> z_utils:prop_replace(visible_for, ?ACL_VIS_PUBLIC, PropsPubl);
  78. _ -> PropsPubl
  79. end,
  80. case proplists:get_value(is_authoritative, PropsVis) of
  81. undefined -> z_utils:prop_replace(is_authoritative, true, PropsVis);
  82. _ -> PropsVis
  83. end;
  84. observe_acl_rsc_update_check({acl_rsc_update_check, _id}, Props, _Context) ->
  85. Props.