ACL

AV. ACL

An ACL, or Access Control List can be added to any AV.Object to restrict access to only a subset of users of your application.

Constructor

new ACL()

Source:
See:
Creates a new ACL. If no argument is given, the ACL has no permissions for anyone. If the argument is a AV.User, the ACL will have read and write permission for only that user. If the argument is any other JSON object, that object will be interpretted as a serialized ACL created with toJSON().

Methods

getPublicReadAccess() → {Boolean}

Source:
Get whether the public is allowed to read this object.
Returns:
Type
Boolean

getPublicWriteAccess() → {Boolean}

Source:
Get whether the public is allowed to write this object.
Returns:
Type
Boolean

getReadAccess(userId) → {Boolean}

Source:
Get whether the given user id is *explicitly* allowed to read this object. Even if this returns false, the user may still be able to access it if getPublicReadAccess returns true or a role that the user belongs to has write access.
Parameters:
Name Type Description
userId An instance of AV.User or its objectId, or a AV.Role.
Returns:
Type
Boolean

getRoleReadAccess(role) → {Boolean}

Source:
Get whether users belonging to the given role are allowed to read this object. Even if this returns false, the role may still be able to write it if a parent role has read access.
Parameters:
Name Type Description
role The name of the role, or a AV.Role object.
Throws:
If role is neither a AV.Role nor a String.
Type
String
Returns:
true if the role has read access. false otherwise.
Type
Boolean

getRoleWriteAccess(role) → {Boolean}

Source:
Get whether users belonging to the given role are allowed to write this object. Even if this returns false, the role may still be able to write it if a parent role has write access.
Parameters:
Name Type Description
role The name of the role, or a AV.Role object.
Throws:
If role is neither a AV.Role nor a String.
Type
String
Returns:
true if the role has write access. false otherwise.
Type
Boolean

getWriteAccess(userId) → {Boolean}

Source:
Get whether the given user id is *explicitly* allowed to write this object. Even if this returns false, the user may still be able to write it if getPublicWriteAccess returns true or a role that the user belongs to has write access.
Parameters:
Name Type Description
userId An instance of AV.User or its objectId, or a AV.Role.
Returns:
Type
Boolean

setPublicReadAccess(allowed)

Source:
Set whether the public is allowed to read this object.
Parameters:
Name Type Description
allowed Boolean

setPublicWriteAccess(allowed)

Source:
Set whether the public is allowed to write this object.
Parameters:
Name Type Description
allowed Boolean

setReadAccess(userId, allowed)

Source:
Set whether the given user is allowed to read this object.
Parameters:
Name Type Description
userId An instance of AV.User or its objectId.
allowed Boolean Whether that user should have read access.

setRoleReadAccess(role, allowed)

Source:
Set whether users belonging to the given role are allowed to read this object.
Parameters:
Name Type Description
role The name of the role, or a AV.Role object.
allowed Boolean Whether the given role can read this object.
Throws:
If role is neither a AV.Role nor a String.
Type
String

setRoleWriteAccess(role, allowed)

Source:
Set whether users belonging to the given role are allowed to write this object.
Parameters:
Name Type Description
role The name of the role, or a AV.Role object.
allowed Boolean Whether the given role can write this object.
Throws:
If role is neither a AV.Role nor a String.
Type
String

setWriteAccess(userId, allowed)

Source:
Set whether the given user id is allowed to write this object.
Parameters:
Name Type Description
userId An instance of AV.User or its objectId, or a AV.Role..
allowed Boolean Whether that user should have write access.

toJSON() → {Object}

Source:
Returns a JSON-encoded version of the ACL.
Returns:
Type
Object