Skip to content

v0.6.0
Compare
Choose a tag to compare
@rschef rschef released this 09 Oct 14:47
· 99 commits to master since this release
v0.6.0
c12bd4a

Breaking Changes

  • Renamed query authorization option :scoped to :scope, which accept the following values:

    • false: disables scoping
    • User: a module that will be passed to c:Rajska.Authorization.has_user_access?/4. It must implement a Rajska.Authorization behaviour and a __schema__(:source) function (used to check if the module is valid in Rajska.Schema.validate_query_auth_config!/2)

  • The following options were added to query authorization:

    • :args
      • %{user_id: [:params, :id]}: where user_id is the scoped field and id is an argument nested inside the params argument.
      • :id: this is the same as %{id: :id}, where :id is both the query argument and the scoped field that will be passed to has_user_access?/4
      • [:code, :user_group_id]: this is the same as %{code: :code, user_group_id: :user_group_id}, where code and user_group_id are both query arguments and scoped fields.
    • :optional (optional) - when set to true the arguments are optional, so if no argument is provided, the query will be authorized. Defaults to false.

  • has_user_access?/4 now receives {field, field_value} as the third argument, instead of only field_value

Enhancements

  • Create validations for all query authorization options
Assets 2
Loading