biscuit-haskell-0.4.0.0: Library support for the Biscuit security token
Safe HaskellNone
LanguageHaskell2010

Auth.Biscuit.Datalog.Parser

Synopsis

Documentation

type Span = (Int, Int) Source #

l :: Parser a -> Parser a Source #

termParser :: forall (inSet :: IsWithinSet) (pof :: PredicateOrFact). Parser (VariableType inSet pof) -> Parser (SetType inSet 'WithSlices) -> Parser (Term' inSet pof 'WithSlices) Source #

compileParser :: Lift a => Parser a -> (a -> Q Exp) -> String -> Q Exp Source #

rule :: QuasiQuoter Source #

Quasiquoter for a rule expression. You can reference haskell variables like this: {variableName}.

You most likely want to directly use block or authorizer instead.

predicate :: QuasiQuoter Source #

Quasiquoter for a predicate expression. You can reference haskell variables like this: {variableName}.

You most likely want to directly use block or authorizer instead.

fact :: QuasiQuoter Source #

Quasiquoter for a fact expression. You can reference haskell variables like this: {variableName}.

You most likely want to directly use block or authorizer instead.

check :: QuasiQuoter Source #

Quasiquoter for a check expression. You can reference haskell variables like this: {variableName}.

You most likely want to directly use block or authorizer instead.

block :: QuasiQuoter Source #

Compile-time parser for a block expression, intended to be used with the QuasiQuotes extension.

A typical use of block looks like this:

let fileName = "data.pdf"
 in [block|
      // datalog can reference haskell variables with {variableName}
      resource({fileName});
      rule($variable) <- fact($value), other_fact($value);
      check if operation("read");
    |]

authorizer :: QuasiQuoter Source #

Compile-time parser for an authorizer expression, intended to be used with the QuasiQuotes extension.

A typical use of authorizer looks like this:

do
  now <- getCurrentTime
  pure [authorizer|
         // datalog can reference haskell variables with {variableName}
         current_time({now});
         // authorizers can contain facts, rules and checks like blocks, but
         // also declare policies. While every check has to pass for a biscuit to
         // be valid, policies are tried in order. The first one to match decides
         // if the token is valid or not
         allow if resource("file1");
         deny if true;
       |]

query :: QuasiQuoter Source #

Compile-time parser for a query expression, intended to be used with the QuasiQuotes extension.

A typical use of query looks like this:

[query|user($user_id) or group($group_id)|]