Description description An array of ACL descriptors. Each descriptor provides the mechanism to match against a user object by ID or group membership and determine the whether or not a request is allowed for the user and operation using some predicate.
Description This is mapping of group names to “extractors”. An extractor can be a function or a string. If it is a function, it should take a user object as its sole argument and return the group name as a string. Otherwise, it should be a string in property path notation (e.g., “foo.bar.baz”).
permissionDefinitions Required Description mapping of permissions to defaults
Default false Description xxx
- acl (
Acl) – The second ACL
Description Generates an ACL that is the logical conjunction of this ACL and a second ACL
- acl (
- user (Object) – A user object
- permission (string) – The name of the operation being authorized
- env (Object.<string, Object>) – Request context (e.g.,
Throws Error Returns Whether or not the request is authorized Return type boolean Description Determines whether the current request is allowed based on the current user (as returned by
authenticate) and operation