Diffstat (limited to 'src/ataxia_security.erl')
-rw-r--r--src/ataxia_security.erl40
1 files changed, 25 insertions, 15 deletions
diff --git a/src/ataxia_security.erl b/src/ataxia_security.erl
index 192171f..7654384 100644
--- a/src/ataxia_security.erl
+++ b/src/ataxia_security.erl
@@ -5,16 +5,17 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-type named_user() :: {'user', any()}.
-type user() :: (named_user() | 'admin' | 'any' | 'janitor').
--type permission() :: (list(named_user()) | 'any' | 'janitor').
+-type permission() :: ordset:ordset(user()).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% EXPORTS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-export_type([user/0, permission/0]).
--export([can_access/2]).
-export([janitor/0, any/0, admin/0, user_from_id/1]).
--export([unlocked/0]).
+
+-export([add_access/2, remove_access/2, allow_only/1]).
+-export([can_access/2]).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% LOCAL FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
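Review bot: The new type `ordset:ordset(user())` names a module `ordset`, whereas the OTP ordered-set module is `ordsets`; the same name is used by the calls in the two later hunks (`ordset:add_element`, `ordset:del_element`, `ordset:new`, `ordset:is_element`). Unless this project ships its own `ordset` module, each of those calls fails with `undef` at runtime, so `can_access` would crash for every non-admin user instead of returning a boolean. The type line would read `-type permission() :: ordsets:ordset(user()).` and the calls would use the `ordsets:` prefix likewise. Running Dialyzer or xref on the module should confirm whether the name resolves.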
@@ -23,6 +24,18 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+-spec add_access (user(), permission()) -> permission().
+add_access (User, Permission) ->
+ ordset:add_element(User, Permission).
+
+-spec remove_access (user(), permission()) -> permission().
+remove_access (User, Permission) ->
+ ordset:del_element(User, Permission).
+
+-spec allow_only (user()) -> permission().
+allow_only (User) ->
+ ordset:add_element(User, ordset:new()).
+
-spec user_from_id (any()) -> user().
user_from_id (ID) -> {user, ID}.
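Review bot: The three new functions carry no comment on how `any` interacts with per-user entries, and that matters for revocation. Because `can_access` returns true whenever `any` is in the set, `remove_access` for a specific user has no effect while `any` remains in the permission. I would add above `remove_access` a comment such as `%% Removing a user does not deny them while 'any' is still in the permission.` and above `allow_only` one such as `%% The result denies everyone except User and admin.` A short line on `add_access` saying that passing `any` opens the entry to all users would complete the picture.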
@@ -35,16 +48,13 @@ any () -> any.
-spec admin () -> user().
admin () -> admin.
--spec unlocked () -> atom().
-unlocked () -> none.
-
-spec can_access (permission(), user()) -> boolean().
-can_access (_, admin) -> true;
-can_access (any, _) -> true;
-can_access (janitor, janitor) -> true;
-can_access (List, {user, User}) ->
- lists:member({user, User}, List);
-can_access (List, janitor) ->
- lists:member(janitor, List);
-can_access (List, User) ->
- can_access(List, {user, User}).
+can_access (Permission, User) ->
+ case User of
+ admin -> true;
+ _ ->
+ (
+ ordset:is_element(any, Permission)
+ or ordset:is_element(User, Permission)
+ )
+ end.
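Review bot: The rewritten `can_access` no longer accepts the bare atom permissions `any` and `janitor` that the removed clauses matched, nor does it wrap a bare ID into `{user, ID}` as the old final clause did. If any caller or stored entry still carries the old permission shape, the set-membership call will presumably raise rather than return a boolean, so this change needs either a migration of existing values or a clause that handles the legacy atoms explicitly. Callers that passed a bare ID will now be denied silently, which fails closed but is worth checking. On style, `admin` is better matched in a function head (`can_access (_, admin) -> true;`) than in a `case`, and the two membership tests should be joined with `orelse` instead of `or`, so the second lookup is skipped when `any` already grants access.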