Class: Acl

Acl(metadataopt)

Creates a new Acl object, with an empty rule set for an object

Constructor

new Acl(metadataopt)

Parameters:
Name Type Attributes Description
metadata util.Metadata <optional>

the metadata of the object, null for files

Source:

Members

(readonly) read :util.Permission

The read permission of the object

Type:
Source:

(readonly) write :util.Permission

The write permission of the object

Type:
Source:

Methods

allowReadAccess(…userOrRole) → {Acl}

Allows the given user or rule to read the object

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role to allow

Source:
Returns:

this acl object

Type
Acl

allowWriteAccess(…userOrRole) → {Acl}

Allows the given user or rule to write the object

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role to allow

Source:
Returns:

this acl object

Type
Acl

clear() → {void}

Removes all acl rules, read and write access is public afterwards

Source:
Returns:
Type
void

copy(acl) → {Acl}

Copies permissions from another ACL

Parameters:
Name Type Description
acl Acl

The ACL to copy from

Source:
Returns:
Type
Acl

deleteReadAccess(…userOrRole) → {Acl}

Deletes any read allow/deny rule for the given user or role

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role

Source:
Returns:

this acl object

Type
Acl

deleteWriteAccess(…userOrRole) → {Acl}

Deletes any write allow/deny rule for the given user or role

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role

Source:
Returns:

this acl object

Type
Acl

denyReadAccess(…userOrRole) → {Acl}

Denies the given user or rule to read the object

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role to deny

Source:
Returns:

this acl object

Type
Acl

denyWriteAccess(…userOrRole) → {Acl}

Denies the given user or rule to write the object

Parameters:
Name Type Attributes Description
userOrRole model.User | model.Role | string <repeatable>

The user or role to deny

Source:
Returns:

this acl object

Type
Acl

fromJSON(json) → {void}

Sets the acl rules form JSON

Parameters:
Name Type Description
json json

The json encoded acls

Source:
Returns:
Type
void

isPublicReadAllowed() → {boolean}

Gets whenever all users and roles have the permission to read the object

Source:
Returns:

true If public access is allowed

Type
boolean

isPublicWriteAllowed() → {boolean}

Gets whenever all users and roles have the permission to write the object

Source:
Returns:

true If public access is allowed

Type
boolean

isReadAllowed(userOrRole) → {boolean}

Checks whenever the user or role is explicit allowed to read the object

Parameters:
Name Type Description
userOrRole model.User | model.Role | string

The user or role to check for

Source:
Returns:

true if read access is explicitly allowed for the given user or role

Type
boolean

isReadDenied(userOrRole) → {boolean}

Checks whenever the user or role is explicit denied to read the object

Parameters:
Name Type Description
userOrRole model.User | model.Role | string

The user or role to check for

Source:
Returns:

true if read access is explicitly denied for the given user or role

Type
boolean

isWriteAllowed(userOrRole) → {boolean}

Checks whenever the user or role is explicit allowed to write the object

Parameters:
Name Type Description
userOrRole model.User | model.Role | string

The user or role to check for

Source:
Returns:

true if write access is explicitly allowed for the given user or role

Type
boolean

isWriteDenied(userOrRole) → {boolean}

Checks whenever the user or role is explicit denied to write the object

Parameters:
Name Type Description
userOrRole model.User | model.Role | string

The user or role to check for

Source:
Returns:

true if write access is explicitly denied for the given user or role

Type
boolean

setPublicReadAllowed() → {void}

Sets whenever all users and roles should have the permission to read the object

Note: All other allow read rules will be removed.

Source:
Returns:
Type
void

setPublicWriteAllowed() → {void}

Sets whenever all users and roles should have the permission to write the object

Note: All other allow write rules will be removed.

Source:
Returns:
Type
void

toJSON() → {json}

A JSON representation of the set of rules

Source:
Returns:
Type
json