package guardian

  1. Overview
  2. Docs
Role-based access control for OCaml

Install

Dune Dependency

github.com Readme Edit opam file Versions (3)

Authors

  1. D
    Department of Economics, University of Zurich
  2. J
    John Christopher McAlpine

Maintainers

  1. E
    engineering@econ.uzh.ch

Sources

0.0.5.tar.gz
md5=46f14b1dac8c7b7a1521c15555465dde
sha512=c9e7edab3f72a8764a37328c75001f9b7fbcedb1b68ecf95daf53fed4f7a46e9ce1ebc9d5fa9ad46d25f759857a95e7000173eef808aa0459339637a66e945f1

doc/src/guardian/persistence.ml.html

Source file persistence.ml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
type context = (string * string) list

module type Backend = sig
  type actor_role_set
  type actor_spec
  type auth_rule
  type role
  type target_role_set
  type target_spec
  type 'a authorizable
  type 'b authorizable_target
  type ('rv, 'err) monad = ('rv, 'err) Lwt_result.t

  module Actor : sig
    module Authorizable : sig
      val create
        :  ?ctx:context
        -> ?owner:Uuid.Actor.t
        -> actor_role_set
        -> Uuid.Actor.t
        -> (unit, string) monad

      val mem : ?ctx:context -> Uuid.Actor.t -> (bool, string) monad
    end

    val find
      :  ?ctx:context
      -> 'kind
      -> Uuid.Actor.t
      -> ('kind authorizable, string) monad

    val find_roles
      :  ?ctx:context
      -> Uuid.Actor.t
      -> (actor_role_set, string) monad

    val find_rules
      :  ?ctx:context
      -> target_spec
      -> (auth_rule list, string) monad

    val find_owner
      :  ?ctx:context
      -> Uuid.Actor.t
      -> (Uuid.Actor.t option, string) monad

    val save_rule : ?ctx:context -> auth_rule -> (unit, string) monad
    val delete_rule : ?ctx:context -> auth_rule -> (unit, string) monad

    val grant_roles
      :  ?ctx:context
      -> Uuid.Actor.t
      -> actor_role_set
      -> (unit, string) monad

    val revoke_roles
      :  ?ctx:context
      -> Uuid.Actor.t
      -> actor_role_set
      -> (unit, string) monad

    val save_owner
      :  ?ctx:context
      -> ?owner:Uuid.Actor.t
      -> Uuid.Actor.t
      -> (unit, string) monad
  end

  module Target : sig
    module Authorizable : sig
      val create
        :  ?ctx:context
        -> ?owner:Uuid.Actor.t
        -> target_role_set
        -> Uuid.Target.t
        -> (unit, string) monad

      val mem : ?ctx:context -> Uuid.Target.t -> (bool, string) monad
    end

    val find
      :  ?ctx:context
      -> 'kind
      -> Uuid.Target.t
      -> ('kind authorizable_target, string) monad

    val find_roles
      :  ?ctx:context
      -> Uuid.Target.t
      -> (target_role_set, string) monad

    val find_owner
      :  ?ctx:context
      -> Uuid.Target.t
      -> (Uuid.Actor.t option, string) monad

    val save_owner
      :  ?ctx:context
      -> ?owner:Uuid.Actor.t
      -> Uuid.Target.t
      -> (unit, string) monad
  end

  val find_migrations : unit -> (string * string * string) list
  val find_clean : unit -> (string * string) list
  val migrate : ?ctx:context -> unit -> unit Lwt.t
  val clean : ?ctx:context -> unit -> unit Lwt.t
end

module type Contract = sig
  include Backend

  module Actor : sig
    include module type of Actor

    val save_rules
      :  ?ctx:context
      -> auth_rule list
      -> (auth_rule list, auth_rule list) Lwt_result.t

    val revoke_role
      :  ?ctx:context
      -> Uuid.Actor.t
      -> role
      -> (unit, string) monad

    val find_roles_exn : ?ctx:context -> Uuid.Actor.t -> actor_role_set Lwt.t

    val find_authorizable
      :  ?ctx:context
      -> 'kind
      -> Uuid.Actor.t
      -> ('kind authorizable, string) Lwt_result.t

    val decorate
      :  ?ctx:context
      -> ('a -> 'kind authorizable)
      -> 'a
      -> ('kind authorizable, string) Lwt_result.t
  end

  module Target : sig
    include module type of Target

    val decorate
      :  ?ctx:context
      -> ('a -> 'kind authorizable_target)
      -> 'a
      -> ('kind authorizable_target, string) Lwt_result.t

    val find_checker
      :  ?ctx:context
      -> 'a authorizable_target
      -> ('b authorizable -> Action.t -> bool, string) Lwt_result.t

    val find_role_checker
      :  ?ctx:context
      -> target_role_set
      -> ('b authorizable -> Action.t -> bool, string) Lwt_result.t
  end

  val wrap_function
    :  ?ctx:context
    -> (string -> 'etyp)
    -> (Action.t * target_spec) list
    -> ('param -> ('rval, 'etyp) monad)
    -> ('a authorizable -> 'param -> ('rval, 'etyp) monad, string) monad

  val collect_rules
    :  ?ctx:context
    -> (Action.t * target_spec) list
    -> (auth_rule list, string) monad

  val checker_of_effects
    :  ?ctx:context
    -> (Action.t * target_spec) list
    -> 'a authorizable
    -> (unit, string) monad

  val find_rules_exn : ?ctx:context -> target_spec -> auth_rule list Lwt.t
  val save_rule_exn : ?ctx:context -> auth_rule -> unit Lwt.t
  val delete_rule_exn : ?ctx:context -> auth_rule -> unit Lwt.t
end
OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct