Module headless_lms_server::domain::authorization
source Β· Expand description
Common functionality related to authorization
Structs§
- Extractor for an authenticated user.
- Validates that user has right to function
- Responder for AuthorizationToken
- GraphQLRequest π
- MoocfiUser π
- MoocfiUserResponse π
Enums§
- Describes an action that a user can take on some resource.
- The target of an action.
Constants§
- MOOCFI_GRAPHQL_URL π
- SESSION_KEY π
Functions§
- HTTP Client used only for authing with TMC server, this is to ensure that TMC server does not rate limit auth requests from backend
- Authenticates the user with mooc.fi, returning the authenticated user and their oauth token.
- The authorization token is the only way to return a controller result, and should only be used in controller functions that return a response to the user.
- Can be used to check whether user is allowed to view some course material
- Can be used to check whether user is allowed to view some course material
- Same as
authorize
, but takes as an argumentVec<Role>
so that we avoid fetching the roles from the database for optimization reasons. This is useful when weβre checking multiple authorizations at once. - Can be used to check whether user is allowed to view some course material. Chapters can be closed and and limited to certain people only.
- Also checks organization and course roles which are valid for course instances.
- Also checks organization role which is valid for courses.
- Also checks organization role which is valid for exams.
- Forgets authentication from the current session, if any.
- Checks if the user is authenticated in the given session.
- has_permission π
- Stores the user as authenticated in the given session.
- Skips the authorize() and returns AuthorizationToken, needed in functions with anonymous and test users
- For making sure the user saved in the session still exists in the database. Check the userβs existance when the session is at least 3 hours old, updates the session automatically, and returns an up-to-date AuthUser.