Comments (5)
Something to think about: topics in socket handlers are strings, but controller actions are atoms. Pattern matching these types of actions won't work out of the box. We can't blindly convert strings to atoms, because atoms are not garbage collected in the Erlang VM.
from bodyguard.
Plus those strings usually have some formatting in them. Is there a generalized way to assume that the room `"post:123"` maps to `authorize? current_user(socket), :show, Repo.get(Post, 123)`?
from bodyguard.
I would say, in general, no. I don't think that's a convention we would want to enforce.
There are three distinct aspects of sockets that need authorizing: (1) socket connect, (2) channel join, and (3) channel messages in AND out (you can `handle_out` to filter outgoing messages)
I'm not sure we need to worry about (1). Is there a case where we would want to explicitly deny a user connection to the socket server altogether, even before they've attempted to join any channels (i.e. perform any destructive actions)?
(2) and (3) are similar enough (and implemented in the same modules) that I think they can be lumped together. I've already found myself calling the `scope` functions directly on my policies, so I think a `scope` helper would be useful. We can assume `socket.assigns.current_user` exists, like we do for `conn`, and make that `:current_user` key configurable at the app level. The same goes for `authorize!`, and I think we will just have to require the user to explicitly pass in the action atom instead of trying to determine it automatically.
I'm undecided if we want to go the exception-raising route for channels. For `join` we can return `{:error, %{reason: "unauthorized"}}`, which is clean and idiomatic. For `handle_in` we will want to return either `{:noreply, socket}` or `{:stop, :unauthorized, socket}`, the latter of which will kill the channel process. Or we could just raise, which will also kill the channel.
from bodyguard.
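An added example, not code from the Bodyguard project or from anyone in this thread, showing where the two authorization points discussed in the comment above (channel join and inbound channel messages) sit in a Phoenix channel, using the return shapes that comment names. It assumes a Phoenix project in which the socket's `connect/3` has already put the user in `socket.assigns.current_user`, plus hypothetical `MyApp.Repo`, `MyApp.Post` (with an `author_id` field) and `MyApp.PostPolicy` modules; the policy is written out inline with an assumed `authorize(action, user, post) :: :ok | {:error, :unauthorized}` signature rather than calling Bodyguard's own helpers, so the control flow is visible. The topic-to-action mapping is done by hand per channel, as the thread concludes, and each inbound event passes its action atom explicitly.

```elixir
defmodule MyApp.PostPolicy do
  @moduledoc """
  Hypothetical policy for the example (not part of Bodyguard).
  Returns :ok or {:error, :unauthorized}; unknown actions are denied.
  """

  # Any logged-in user may view a post.
  def authorize(:show, %{id: _user_id}, _post), do: :ok

  # Only the author may delete a post.
  def authorize(:delete, %{id: user_id}, %{author_id: user_id}), do: :ok

  # Deny by default: an action the policy does not know about is never allowed.
  def authorize(_action, _user, _post), do: {:error, :unauthorized}
end

defmodule MyAppWeb.PostChannel do
  use Phoenix.Channel
  alias MyApp.{Post, PostPolicy, Repo}

  # (2) Channel join. The topic "post:<id>" is parsed explicitly here; there is
  # no generic convention turning a topic string into an action atom, so the
  # :show action is passed by hand. Denial uses the idiomatic {:error, reply}.
  def join("post:" <> id, _params, socket) do
    user = socket.assigns.current_user

    case Repo.get(Post, id) do
      nil ->
        {:error, %{reason: "not found"}}

      post ->
        case PostPolicy.authorize(:show, user, post) do
          :ok -> {:ok, assign(socket, :post, post)}
          {:error, _} -> {:error, %{reason: "unauthorized"}}
        end
    end
  end

  # (3) Inbound messages. Having joined does not imply permission for every
  # event, so each event is re-checked against its own explicit action atom.
  def handle_in("delete", _payload, socket) do
    %{current_user: user, post: post} = socket.assigns

    case PostPolicy.authorize(:delete, user, post) do
      :ok ->
        Repo.delete!(post)
        broadcast!(socket, "deleted", %{id: post.id})
        {:noreply, socket}

      {:error, _} ->
        # Stopping with a non-:normal reason tears down the channel process,
        # which is the "kill the channel" outcome described in the thread.
        {:stop, :unauthorized, socket}
    end
  end

  # Events the channel does not recognise are ignored rather than acted on.
  def handle_in(_event, _payload, socket), do: {:noreply, socket}
end
```

The policy's final clause is what makes the scheme safe to extend: adding a new inbound event without adding a matching policy clause yields a denial, not an accidental allow.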
Or we could assume that once a user joins a channel, they are completely authorized, and all channel messages are therefore authorized and valid, so we don't even handle case (3) at all.
That certainly works for some cases (e.g. once you join a chat room, you are authorized to push messages to it, request chat history, request the chatroom members, etc.), but it's probably not general enough of an approach.
from bodyguard.
This will be fixed in v2.0 by just using the `assigns` of whatever `actor` we're given, whether it's a `Plug.Conn`, or a `Phoenix.Socket`, or anything else.
from bodyguard.