View Source Bonfire.Boundaries.Acls (Bonfire v0.9.11-social-beta.6)
Provides functionality for managing Access Control Lists (ACLs) in the Bonfire system.
An Acl is a list of Grants used to define access permissions for objects. It represents fully populated access control rules that can be reused. It can be used to secure multiple objects and exists independently of any object.
ACLs (also referred to as "preset boundaries") enable you to make a list of circles and users and then grant specific roles or permissions to each of those. For example, you might create a "Fitness" ACL and grant the "Participate" role to your gym buddies, allowing them to interact with your fitness-related content, while granting the "Interact" role to your family and friends, who can view and react to your posts but not comment on them.
The corresponding Ecto schema is Bonfire.Data.AccessControl.Acl which is defined in a seperate repo.
Summary
Functions
Returns a list of special built-in ACLs (e.g., guest, local, activity_pub).
Returns a list of built-in ACL IDs.
Casts ACLs (existing ones or creating some on-the-fly) and Controlled on an object.
Creates a new ACL.
Returns a list of default IDs to exclude from queries.
Fully delete the ACL, including permissions/grants and controlled information. This will affect all objects previously shared with this ACL.
Edits an existing ACL.
Returns a list of stereotype IDs to exclude from queries.
Retrieves an ACL by its slug.
Retrieves an ACL by its slug, raising an error if not found.
Retrieves an ACL for a caretaker.
Retrieves an ACL ID by its slug.
Checks if an ACL is built-in.
Checks if an ACL is a custom ACL for an object.
Checks if an ACL is stereotyped.
Lists ACLs the current user is permitted to see.
Lists built-in ACLs.
Lists ACLs for a specific user.
query for list_my
Lists ACLs for a specific user with grant counts (how many rules ).
Returns options to use when querying for ACLs to show in a dropdown in the UI.
Returns options to use when querying for ACLs to show in a list.
Returns a list of ACL IDs for a preset (eg. "local" and "public").
Previews ACLs as they would be set based on provided opts.
Returns a list of ACL IDs for remote public access.
Sets ACLs (existing ones or creating some on-the-fly) and Controlled on an object.
Creates a simple ACL with a name.
Soft-delete the ACL, meaning it will not be displayed anymore, but permissions/grants and controlled information will be preserved. This will not affect objects previously shared with this ACL.
Returns a list of stereotype ACL IDs.
Functions
Returns a list of special built-in ACLs (e.g., guest, local, activity_pub).
Returns a list of built-in ACL IDs.
Examples
iex> Bonfire.Boundaries.Acls.built_in_ids()
["BUILT_IN_ACL_ID1", "BUILT_IN_ACL_ID2"]Casts ACLs (existing ones or creating some on-the-fly) and Controlled on an object.
Examples
iex> Bonfire.Boundaries.Acls.cast(changeset, creator, [boundary: "local"])Creates a new ACL.
Examples
iex> Bonfire.Boundaries.Acls.create(%{named: %{name: "New ACL"}}, current_user: user)
{:ok, %Acl{}}Returns a list of default IDs to exclude from queries.
Examples
iex> Bonfire.Boundaries.Acls.default_exclude_ids()
["2HEYS11ENCEDMES0CAN0TSEEME", "7HECVST0MAC1F0RAN0BJECTETC", "71MAYADM1N1STERMY0WNSTVFFS", "0H0STEDCANTSEE0RD0ANYTH1NG", "1S11ENCEDTHEMS0CAN0TP1NGME"]Fully delete the ACL, including permissions/grants and controlled information. This will affect all objects previously shared with this ACL.
Edits an existing ACL.
Examples
iex> Bonfire.Boundaries.Acls.edit(acl_id, user, %{name: "Updated ACL"})
iex> Bonfire.Boundaries.Acls.edit(%Acl{}, user, %{name: "Updated ACL"})Returns a list of stereotype IDs to exclude from queries.
Examples
iex> Bonfire.Boundaries.Acls.exclude_stereotypes()
["2HEYS11ENCEDMES0CAN0TSEEME", "7HECVST0MAC1F0RAN0BJECTETC"]
iex> Bonfire.Boundaries.Acls.exclude_stereotypes(false)
["2HEYS11ENCEDMES0CAN0TSEEME"]Retrieves an ACL by its slug.
Examples
iex> Bonfire.Boundaries.Acls.get(:instance_care)
iex> Bonfire.Boundaries.Acls.get(:non_existent)
nilRetrieves an ACL by its slug, raising an error if not found.
Retrieves an ACL for a caretaker.
Examples
iex> Bonfire.Boundaries.Acls.get_for_caretaker("ACL_ID", user)
{:ok, %Acl{}}Retrieves an ACL ID by its slug.
Examples
iex> Bonfire.Boundaries.Acls.get_id(:instance_care)
"01SETT1NGSF0R10CA11NSTANCE"
iex> Bonfire.Boundaries.Acls.get_id(:non_existent)
nilChecks if an ACL is built-in.
Examples
iex> Bonfire.Boundaries.Acls.is_built_in?("BUILT_IN_ACL_ID")
true
iex> Bonfire.Boundaries.Acls.is_built_in?("CUSTOM_ACL_ID")
falseChecks if an ACL is a custom ACL for an object.
Examples
iex> Bonfire.Boundaries.Acls.is_object_custom?(%Acl{stereotyped: %{stereotype_id: "CUSTOM_ACL_ID"}})
true
iex> Bonfire.Boundaries.Acls.is_object_custom?(%Acl{})
falseChecks if an ACL is stereotyped.
Examples
iex> Bonfire.Boundaries.Acls.is_stereotyped?(%Acl{stereotyped: %{stereotype_id: "STEREOTYPE_ID"}})
true
iex> Bonfire.Boundaries.Acls.is_stereotyped?("STEREOTYPE_ID")
true
iex> Bonfire.Boundaries.Acls.is_stereotyped?(%Acl{})
falseLists ACLs the current user is permitted to see.
Examples
iex> Bonfire.Boundaries.Acls.list(current_user: user)
[%Acl{}, %Acl{}]Lists built-in ACLs.
Examples
iex> Bonfire.Boundaries.Acls.list_built_ins()
[%Acl{}, %Acl{}]Lists ACLs for a specific user.
Includes the ACLs we are the registered caretakers of that we are permitted to see. If any are created without permitting the user to see them, they will not be shown.
Examples
iex> Bonfire.Boundaries.Acls.list_my(user)
[%Acl{}, %Acl{}]query for list_my
Lists ACLs for a specific user with grant counts (how many rules ).
Examples
iex> Bonfire.Boundaries.Acls.list_my_with_counts(user)
[%{acl: %Acl{}, grants_count: 5}, %{acl: %Acl{}, grants_count: 2}]Returns options to use when querying for ACLs to show in a dropdown in the UI.
Examples
iex> Bonfire.Boundaries.Acls.opts_for_dropdown()
[exclude_ids: [...], extra_ids_to_include: [...]]Returns options to use when querying for ACLs to show in a list.
Examples
iex> Bonfire.Boundaries.Acls.opts_for_list()
[exclude_ids: [...]]Returns a list of ACL IDs for a preset (eg. "local" and "public").
Previews ACLs as they would be set based on provided opts.
Examples
iex> Bonfire.Boundaries.Acls.preview(creator, [
preview_for_id: object_id,
boundary: "mentions",
to_circles: mentioned_users_or_custom_circles
])
iex> Bonfire.Boundaries.Acls.preview(creator, [
preview_for_id: object_id,
boundary: "clone_context",
context_id: context_object_id
])Returns a list of ACL IDs for remote public access.
Examples
iex> Bonfire.Boundaries.Acls.remote_public_acl_ids()
["5REM0TEPE0P1E1NTERACTREACT", "5REM0TEPE0P1E1NTERACTREP1Y", "7REM0TEACT0RSCANC0NTR1BVTE"]Sets ACLs (existing ones or creating some on-the-fly) and Controlled on an object.
Examples
iex> Bonfire.Boundaries.Acls.set(%{}, creator, [boundary: "local"])
{:ok, :granted}Creates a simple ACL with a name.
Examples
iex> Bonfire.Boundaries.Acls.simple_create(user, "My ACL")
{:ok, %Acl{}}Soft-delete the ACL, meaning it will not be displayed anymore, but permissions/grants and controlled information will be preserved. This will not affect objects previously shared with this ACL.
Returns a list of stereotype ACL IDs.
Examples
iex> Bonfire.Boundaries.Acls.stereotype_ids()
["STEREOTYPE_ACL_ID1", "STEREOTYPE_ACL_ID2"]