[erlang-questions] Declarative Security in Erlang

Andrew Berman rexxe98@REDACTED
Mon May 21 21:43:18 CEST 2012


Does anyone have any thoughts on this?  I was thinking about just starting
a new process every time I access the API and then store the current user
in there.  Any thoughts?

Thanks again!

On Sat, May 19, 2012 at 12:38 PM, Andrew Berman <rexxe98@REDACTED> wrote:

> Hey all,
>
> I'm trying to mimic (as much as I can) what JEE 6 does with security on
> domain objects.  Essentially what I'd like to do is create an annotation
> using Tim's awesome annotation code (
> https://github.com/hyperthunk/annotations) and test on a user's roles.
>  The one issue I'm wrestling with is how to get the user into the
> annotation.  The obvious way is to have every function I put the annotation
> on take in a user record and then loop through the arguments of the
> function looking for the user record.  That way doesn't seem very elegant
> to me, though.  I really want to just say something like User =
> get_current_user(...).  Has anyone tackled this sort of issue or have any
> advice on how to handle it in an Erlang safe manner?
>
> Thanks,
>
> Andrew
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20120521/2af7de8a/attachment.htm>


More information about the erlang-questions mailing list