How to handle authenticated user access to resources in a document-oriented system?
Posted by Jeremy Raymond on Stack Overflow
Published on 2010-01-12T03:38:03Z
I'm developing a document-oriented application and need to manage user access to the documents. I have a module that handles user authentication, and another module that handles document CRUD operations on the data store. Once a user is authenticated, I need to enforce what operations the user can and cannot perform on documents based upon the user's permissions. The best option I could think of to integrate these two pieces together would be to create another module that duplicates the data API but that also takes the authenticated user as a parameter. The module would delegate the authorization check to the auth module and delegate the document operation to the data access module. Something like:

    -module(auth_data_access).
    -export([save_doc/2]).

    % User is authenticated (logged into the system).
    % save_doc validates if User is allowed to save the given document and, if so,
    % saves it, returning ok; else returns {error, permission_denied}.
    save_doc(Doc, User) ->
        case auth:save_allowed(Doc, User) of
            ok ->
                data_access:save_doc(Doc);
            denied ->
                {error, permission_denied}
        end.

Is there a better way I can handle this?
© Stack Overflow or respective owner
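
A variant of the wrapper module described in the question, as an added example that is not part of the original post: every document operation passes through one default-deny check instead of a separate check per function. The module name `authz_facade`, the user and document map shapes, the access rules, and the `store_*` stand-ins for the data access module are all assumptions made for illustration.

```erlang
%% Added example (hypothetical module; not code from the original post).
-module(authz_facade).
-export([read_doc/2, save_doc/2, delete_doc/2, demo/0]).

%% Single decision point. Only explicitly granted cases return true;
%% unknown roles, unknown actions and malformed users fall to the last clause.
allowed(#{role := admin}, _Action, _Doc) -> true;
%% The repeated variable Id makes this clause match only the document's owner.
allowed(#{id := Id}, _Action, #{owner := Id}) -> true;
%% Any well-formed user may read a document flagged public.
allowed(#{id := _}, read, #{public := true}) -> true;
%% Default deny.
allowed(_User, _Action, _Doc) -> false.

%% Runs the data operation only when the check passes. The operation is a fun,
%% so it cannot run before the authorization decision has been made.
guard(User, Action, Doc, Op) ->
    case allowed(User, Action, Doc) of
        true  -> Op();
        false -> {error, permission_denied}
    end.

%% Public API: same shape as the data API, plus the authenticated user.
read_doc(Doc, User)   -> guard(User, read,   Doc, fun() -> store_read(Doc) end).
save_doc(Doc, User)   -> guard(User, save,   Doc, fun() -> store_save(Doc) end).
delete_doc(Doc, User) -> guard(User, delete, Doc, fun() -> store_delete(Doc) end).

%% Stand-ins for the real data access module (assumed, not from the post).
store_read(Doc)    -> {ok, Doc}.
store_save(_Doc)   -> ok.
store_delete(_Doc) -> ok.

%% Constructed sample users and document exercising each rule.
demo() ->
    Alice = #{id => alice, role => user},
    Bob   = #{id => bob,   role => user},
    Root  = #{id => root,  role => admin},
    Doc   = #{id => 1, owner => alice, public => false},
    [{owner_save,       save_doc(Doc, Alice)},
     {other_user_save,  save_doc(Doc, Bob)},
     {other_user_read,  read_doc(Doc, Bob)},
     {public_read,      read_doc(Doc#{public := true}, Bob)},
     {admin_delete,     delete_doc(Doc, Root)},
     {malformed_user,   save_doc(Doc, not_a_user)}].
```

Exporting only the wrapper functions and keeping the data access module's functions out of reach of request-handling code is what makes the check hard to bypass; the wrapper alone does not prevent a direct call to the data module.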