View Source Bonfire.Boundaries.Queries (Bonfire v0.9.10-classic-beta.156)

Helpers for writing common boundary-related queries, particularly for applying access control to queries.

This module provides macros and functions to assist with boundary checks and permission queries.

Summary

Functions

add_perms(l, r)

A macro that calls the add_perms(bool?, bool?) DB function

agg_perms(p)

A macro that calls the agg_perms(bool?) aggregate DB function for combining permissions.

boundarise(query, field_ref, opts)

A macro to apply boundary checks to a query.

object_boundarised(q, opts \\ nil)

Applies boundary checks to a query for a specific object.

permitted(user)

Queries for all permitted objects for a user.

permitted(user, verbs)

Queries for permitted objects for a user with specific verbs.

query_with_summary(user, verbs \\ [:see, :read], query \\ Summary)

Creates a subquery to filter results based on user permissions.

skip_boundary_check?(opts, object \\ nil)

Checks if boundary checks should be skipped based on the provided options and object.

Functions

add_perms(l, r)

(macro)

A macro that calls the add_perms(bool?, bool?) DB function

Examples

iex> import Bonfire.Boundaries.Queries
iex> query = from(p in Summary, select: add_perms(p.read, p.write))

agg_perms(p)

(macro)

A macro that calls the agg_perms(bool?) aggregate DB function for combining permissions.

Examples

iex> import Bonfire.Boundaries.Queries
iex> query = from(p in Summary, group_by: p.object_id, having: agg_perms(p.value))

boundarise(query, field_ref, opts)

(macro)

A macro to apply boundary checks to a query.

Examples

iex> import Bonfire.Boundaries.Queries
iex> query_visible_posts = from(p in Post)
                          |> boundarise(p.id, current_user: user)

iex> query_editable_posts = from(p in Post)
                          |> boundarise(p.id, verbs: [:edit], current_user: user)

object_boundarised(q, opts \\ nil)

Applies boundary checks to a query for a specific object.

Examples

iex> query = from(p in Post)
iex> Bonfire.Boundaries.Queries.object_boundarised(query, current_user: user)

permitted(user)

Queries for all permitted objects for a user.

Examples

iex> user_id = "user123"
iex> Bonfire.Boundaries.Queries.permitted(user_id)

permitted(user, verbs)

Queries for permitted objects for a user with specific verbs.

Examples

iex> user_id = "user123"
iex> Bonfire.Boundaries.Queries.permitted(user_id, [:read, :write])

query_with_summary(user, verbs \\ [:see, :read], query \\ Summary)

Creates a subquery to filter results based on user permissions.

Filters out results that the current user is not permitted to perform all of the specified verbs on.

Parameters

user: The current user or their ID
verbs: A list of verbs to check permissions for (default: [:see, :read])
query: An initial query on Summary to filter objects (optional)

Examples

iex> user_id = "user123"
iex> Bonfire.Boundaries.Queries.query_with_summary(user_id, [:read, :write])

skip_boundary_check?(opts, object \\ nil)

Checks if boundary checks should be skipped based on the provided options and object.

Examples

iex> Bonfire.Boundaries.Queries.skip_boundary_check?([skip_boundary_check: true])
true

iex> Bonfire.Boundaries.Queries.skip_boundary_check?([], %{id: "user123"})
false

iex> Bonfire.Boundaries.Queries.skip_boundary_check?([current_user: %{id: "user123"}], %{id: "user123"})
true