View Source Bonfire.Boundaries.Acls (Bonfire v0.9.10-classic-beta.156)

Provides functionality for managing Access Control Lists (ACLs) in the Bonfire system.

An Acl is a list of Grants used to define access permissions for objects. It represents fully populated access control rules that can be reused. It can be used to secure multiple objects and exists independently of any object.

ACLs (also referred to as "preset boundaries") enable you to make a list of circles and users and then grant specific roles or permissions to each of those. For example, you might create a "Fitness" ACL and grant the "Participate" role to your gym buddies, allowing them to interact with your fitness-related content, while granting the "Interact" role to your family and friends, who can view and react to your posts but not comment on them.

The corresponding Ecto schema is Bonfire.Data.AccessControl.Acl which is defined in a seperate repo.

Summary

Functions

Returns a list of special built-in ACLs (e.g., guest, local, activity_pub).

Returns a list of built-in ACL IDs.

Casts ACLs (existing ones or creating some on-the-fly) and Controlled on an object.

Creates a new ACL.

Returns a list of default IDs to exclude from queries.

Fully delete the ACL, including permissions/grants and controlled information. This will affect all objects previously shared with this ACL.

Edits an existing ACL.

Returns a list of stereotype IDs to exclude from queries.

Retrieves an ACL by its slug.

Retrieves an ACL by its slug, raising an error if not found.

Retrieves an ACL for a caretaker.

Retrieves an ACL ID by its slug.

Checks if an ACL is built-in.

Checks if an ACL is a custom ACL for an object.

Checks if an ACL is stereotyped.

Lists ACLs the current user is permitted to see.

Lists built-in ACLs.

Lists ACLs for a specific user.

query for list_my

Lists ACLs for a specific user with grant counts (how many rules ).

Returns options to use when querying for ACLs to show in a dropdown in the UI.

Returns options to use when querying for ACLs to show in a list.

Returns a list of ACL IDs for a preset (eg. "local" and "public").

Previews ACLs as they would be set based on provided opts.

Returns a list of ACL IDs for remote public access.

Sets ACLs (existing ones or creating some on-the-fly) and Controlled on an object.

Creates a simple ACL with a name.

Soft-delete the ACL, meaning it will not be displayed anymore, but permissions/grants and controlled information will be preserved. This will not affect objects previously shared with this ACL.

Returns a list of stereotype ACL IDs.

Functions

Link to this function

acl_grants_to_tuples(creator, acls)

View Source

Returns a list of special built-in ACLs (e.g., guest, local, activity_pub).

Link to this function

acls_from_preset(creator, to_boundaries, opts \\ [])

View Source
Link to this function

base_acls_from_preset(creator, preset, opts \\ [])

View Source

Returns a list of built-in ACL IDs.

Examples

iex> Bonfire.Boundaries.Acls.built_in_ids()
["BUILT_IN_ACL_ID1", "BUILT_IN_ACL_ID2"]
Link to this function

cast(changeset, creator, opts)

View Source

Casts ACLs (existing ones or creating some on-the-fly) and Controlled on an object.

Examples

iex> Bonfire.Boundaries.Acls.cast(changeset, creator, [boundary: "local"])
Link to this function

changeset(atom, attrs, opts)

View Source
Link to this function

create(attrs \\ %{}, opts)

View Source

Creates a new ACL.

Examples

iex> Bonfire.Boundaries.Acls.create(%{named: %{name: "New ACL"}}, current_user: user)
{:ok, %Acl{}}
Link to this function

default_exclude_ids(including_custom? \\ true)

View Source

Returns a list of default IDs to exclude from queries.

Examples

iex> Bonfire.Boundaries.Acls.default_exclude_ids()
["2HEYS11ENCEDMES0CAN0TSEEME", "7HECVST0MAC1F0RAN0BJECTETC", "71MAYADM1N1STERMY0WNSTVFFS", "0H0STEDCANTSEE0RD0ANYTH1NG", "1S11ENCEDTHEMS0CAN0TP1NGME"]

Fully delete the ACL, including permissions/grants and controlled information. This will affect all objects previously shared with this ACL.

Edits an existing ACL.

Examples

iex> Bonfire.Boundaries.Acls.edit(acl_id, user, %{name: "Updated ACL"})

iex> Bonfire.Boundaries.Acls.edit(%Acl{}, user, %{name: "Updated ACL"})
Link to this function

exclude_stereotypes(including_custom? \\ true)

View Source

Returns a list of stereotype IDs to exclude from queries.

Examples

iex> Bonfire.Boundaries.Acls.exclude_stereotypes()
["2HEYS11ENCEDMES0CAN0TSEEME", "7HECVST0MAC1F0RAN0BJECTETC"]

iex> Bonfire.Boundaries.Acls.exclude_stereotypes(false)
["2HEYS11ENCEDMES0CAN0TSEEME"]

Retrieves an ACL by its slug.

Examples

iex> Bonfire.Boundaries.Acls.get(:instance_care)

iex> Bonfire.Boundaries.Acls.get(:non_existent)
nil

Retrieves an ACL by its slug, raising an error if not found.

Link to this function

get_for_caretaker(id, caretaker, opts \\ [])

View Source

Retrieves an ACL for a caretaker.

Examples

iex> Bonfire.Boundaries.Acls.get_for_caretaker("ACL_ID", user)
{:ok, %Acl{}}
Link to this function

get_for_caretaker_q(id, caretaker, opts \\ [])

View Source

Retrieves an ACL ID by its slug.

Examples

iex> Bonfire.Boundaries.Acls.get_id(:instance_care)
"01SETT1NGSF0R10CA11NSTANCE"

iex> Bonfire.Boundaries.Acls.get_id(:non_existent)
nil
Link to this function

get_object_custom_acl(object)

View Source
Link to this function

get_or_create_object_custom_acl(object, caretaker \\ nil)

View Source
Link to this function

grant_tuples_from_preset(creator, to_boundaries, opts \\ [])

View Source

Checks if an ACL is built-in.

Examples

iex> Bonfire.Boundaries.Acls.is_built_in?("BUILT_IN_ACL_ID")
true

iex> Bonfire.Boundaries.Acls.is_built_in?("CUSTOM_ACL_ID")
false

Checks if an ACL is a custom ACL for an object.

Examples

iex> Bonfire.Boundaries.Acls.is_object_custom?(%Acl{stereotyped: %{stereotype_id: "CUSTOM_ACL_ID"}})
true

iex> Bonfire.Boundaries.Acls.is_object_custom?(%Acl{})
false

Checks if an ACL is stereotyped.

Examples

iex> Bonfire.Boundaries.Acls.is_stereotyped?(%Acl{stereotyped: %{stereotype_id: "STEREOTYPE_ID"}})
true

iex> Bonfire.Boundaries.Acls.is_stereotyped?("STEREOTYPE_ID")
true

iex> Bonfire.Boundaries.Acls.is_stereotyped?(%Acl{})
false

Lists ACLs the current user is permitted to see.

Examples

iex> Bonfire.Boundaries.Acls.list(current_user: user)
[%Acl{}, %Acl{}]
Link to this function

list_built_ins(opts \\ [])

View Source

Lists built-in ACLs.

Examples

iex> Bonfire.Boundaries.Acls.list_built_ins()
[%Acl{}, %Acl{}]
Link to this function

list_my(user, opts \\ [])

View Source

Lists ACLs for a specific user.

Includes the ACLs we are the registered caretakers of that we are permitted to see. If any are created without permitting the user to see them, they will not be shown.

Examples

iex> Bonfire.Boundaries.Acls.list_my(user)
[%Acl{}, %Acl{}]
Link to this function

list_my_q(user, opts \\ [])

View Source

query for list_my

Link to this function

list_my_with_counts(user, opts \\ [])

View Source

Lists ACLs for a specific user with grant counts (how many rules ).

Examples

iex> Bonfire.Boundaries.Acls.list_my_with_counts(user)
[%{acl: %Acl{}, grants_count: 5}, %{acl: %Acl{}, grants_count: 2}]
Link to this function

maybe_by_ids(query, ids)

View Source
Link to this function

maybe_search(query, text)

View Source

Returns options to use when querying for ACLs to show in a dropdown in the UI.

Examples

iex> Bonfire.Boundaries.Acls.opts_for_dropdown()
[exclude_ids: [...], extra_ids_to_include: [...]]

Returns options to use when querying for ACLs to show in a list.

Examples

iex> Bonfire.Boundaries.Acls.opts_for_list()
[exclude_ids: [...]]
Link to this function

prepare_cast(changeset_or_obj, creator, opts)

View Source
Link to this function

preset_acl_ids(preset, preset_acls \\ Config.get!(:preset_acls_match))

View Source

Returns a list of ACL IDs for a preset (eg. "local" and "public").

Previews ACLs as they would be set based on provided opts.

Examples

iex> Bonfire.Boundaries.Acls.preview(creator, [
  preview_for_id: object_id,
  boundary: "mentions",
  to_circles: mentioned_users_or_custom_circles
])

iex> Bonfire.Boundaries.Acls.preview(creator, [
  preview_for_id: object_id,
  boundary: "clone_context",
  context_id: context_object_id
])

Returns a list of ACL IDs for remote public access.

Examples

iex> Bonfire.Boundaries.Acls.remote_public_acl_ids()
["5REM0TEPE0P1E1NTERACTREACT", "5REM0TEPE0P1E1NTERACTREP1Y", "7REM0TEACT0RSCANC0NTR1BVTE"]
Link to this function

set(object, creator, opts)

View Source

Sets ACLs (existing ones or creating some on-the-fly) and Controlled on an object.

Examples

iex> Bonfire.Boundaries.Acls.set(%{}, creator, [boundary: "local"])
{:ok, :granted}
Link to this function

simple_create(caretaker, name)

View Source

Creates a simple ACL with a name.

Examples

iex> Bonfire.Boundaries.Acls.simple_create(user, "My ACL")
{:ok, %Acl{}}

Soft-delete the ACL, meaning it will not be displayed anymore, but permissions/grants and controlled information will be preserved. This will not affect objects previously shared with this ACL.

Returns a list of stereotype ACL IDs.

Examples

iex> Bonfire.Boundaries.Acls.stereotype_ids()
["STEREOTYPE_ACL_ID1", "STEREOTYPE_ACL_ID2"]