All predicatesShow sourcepep.pl -- SWISH PEP (Policy Enforcement Point)

This module implements the Policy Enforcement Point. It is called by modules that perform operations that may not be publically accessible. Examples are:

Source authorized(+Action, +Options) is det
Verify that Action is authorized. Options:
indentity(+Identity)
Indentity is the identity dict as collected by autenticate.pl.

Actions defined:

  • Gitty store actions
    gitty(download(Obj, Format))
    Attempt to download Obj, one of file(File) or hash(Hash) in Format, see storage_get/4 from storage.pl
    gitty(create(File, Named, Meta))
    Create file name File with the given meta-data. Named is one of named or random and indicates whether the file is named by the user or the name is generated by the system.
    gitty(update(File, PrevMeta, Meta))
    Update File and change meta-data from PrevMeta to Meta.
    gitty(delete(File, Meta))
    Delete File that has the given meta data.
  • File actions
    file(update(File, Meta))
    Update (save) a physical file outside the versioned gitty store.
  • Social options
    chat
    Open websocket chat channel
throws
- http_reply(forbidden(URL)) if the action is not allowed. Can we generate a JSON error object?
Source approve(+Action, +Id)[multifile]
Source deny(+Auth, +Id)[multifile]
Source pengines:not_sandboxed(+User, +Application) is semidet[multifile]
Called by Pengines to see whether User may call non-sandboxed operations in Application.