Comments (8)
You should not do a function call at compile time to find the permissions (Notice that you are calling a function).
That is why when you try to compile the code, it fails because you haven't started the repository and whatnot needed to call the database.
Your intent could be achieved by passing an MFA configuration that could be called to fetch the permissions instead, something like:
use Guardian, otp_app: :dynamic,
permissions: {BaseStructures, :get_table_permissions!, []}
I am not sure if this is supported yet, but a PR is welcomed.
from guardian.
use Guardian, otp_app: :dynamic, permissions: [BaseStructures, :get_table_permissions!, [])
I believe it's a tuple (threeple) {BaseStructures, :get_table_permissions!, []}
see Guardian.Config.
But that won't work still because permissions are cached at compile time. (I just made it so only permissions are resolved at compile time instead of all config). That would need to be changed for this kind of resolution to work for permissions.
From what I'm seeing, the compile time pieces look like they might be optimizations that could just be read at runtime?
from guardian.
I believe it's a tuple (threeple) {BaseStructures, :get_table_permissions!, []} see Guardian.Config.
I fixed it; I meant to use a tuple instead of a list.
But that won't work still because permissions are cached at compile time.
I hear you. The idea is moving it at runtime 🤷🏻 otherwise, no way we could figure this one out as far as I can tell.
from guardian.
I forked this repo as a POC to see if I could approach it with this capability, fork instead of PR at first because I wasn't sure if this was done intentionally or not. Perhaps for added security ??? not sure.
POC here: https://github.com/kairos0ne/guardian
Its a bit rudimentary - Added a update_permissions(perms) function. It can certainly can be improved.
@spec update_permissions(permissions :: map) :: :ok
def update_permissions(permissions) do
Application.put_env(unquote(otp_app), __MODULE__, Keyword.put(config(), :permissions, permissions))
end
Then you can call update_permissions from you Guardian module implementation.
I also changed the permissions module to support run time updates.
If you guys have any suggestions or improvements let me know.
from guardian.
I forked this repo as a POC to see if I could approach it with this capability, fork instead of PR at first because I wasn't sure if this was done intentionally or not. Perhaps for added security ??? not sure.
Please create a PR in Draft. That will help me to follow exactly what you have done so far since otherwise it is hard for me to follow the work.
from guardian.
Sure I'll create a draft PR and a pull in all the changes np
from guardian.
@kairos0ne, any updates from your end?
from guardian.
Let me take a look...
from guardian.
Related Issues (20)
- Compilation error in file guardian.ex: type options/0 undefined HOT 1
- Is guardian relying on JWT's fixed side ? HOT 2
- Provide a way to retrieve verifying secret at runtime using connection information
- Help with EnsureNotAuthenticated HOT 1
- Successfully validates a JWT token with a timestamp in the past
- use Bitwise is deprecated in elixir 1.14-dev
- Warning causing compile error with Elixir 1.14.0 HOT 1
- Unable to set secret_key in runtime.exs HOT 12
- changelog is missing in the doc HOT 1
- all_permissions? function returns true even if permission set given is not within the list of permissions provided and compiled
- guardian.encode_and_sign 1st argument: not an atom HOT 1
- Opaque errors when token verification fails HOT 3
- Using an environment variable as a secret key in elixir 1.14 HOT 2
- Breaking Change on 2.3.1 - Can't encode Bitwise Permissions HOT 6
- Generating a JWT with kty=oct can fail because of incorrect Base64 encoding
- after_encode_and_sign result not used HOT 2
- Move to Elixir 1.14 and otp 25 HOT 3
- system_time vs os_time and time drift HOT 1
- refresh_from_cookie only accepts "default" as key HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from guardian.