A module that configures and registers an instance of
An authorization policy that permits actions based on access control lists.
permits(action, context, identity)¶
Determines whether the user identified by identity is permitted to perform the specified action in the given context.
If the context has a “permissions” object property, then actions will be permitted if either of the following are true:
- permissions[action] is undefined or null,
- permissions[action] is an Array containing the authorized userid for the given identity.
If the context has no permissions associated with it then all actions will be permitted.
If the annotation has a “user” property, then actions will be permitted only if identity matches this “user” property.
If the annotation has neither a “permissions” property nor a “user” property, then all actions will be permitted.
- action (String) – The action to perform.
- context – The permissions context for the authorization check.
- identity – The identity whose authorization is being checked.
Whether the action is permitted in this context for this identity.
Returns the authorized userid for the user identified by identity.