Safe Haskell	Safe
Language	Haskell2010

Control.SafeAccess

Synopsis

newtype Capability m d = MkCapability {
- runCapability :: d -> m AccessDecision
}
type Capabilities m d = [Capability m d]
data AccessDecision
- = AccessDeniedSoft
- | AccessGranted
- | AccessDenied
newtype SafeAccessT d m a = SafeAccessT {
- runSafeAccessT :: Capabilities m d -> m (Either d a)
}
class (Monad m, Monad s) => MonadSafeAccess d m s | m -> s, m -> d where
- getCapabilities :: m (Capabilities s d)
- liftSub :: s a -> m a
- denyAccess :: d -> m ()
- catchAccessError :: m a -> (d -> m a) -> m a
ensureAccess :: MonadSafeAccess d m s => d -> m ()
unsecureAllow :: (Monad m, Eq d) => [d] -> SafeAccessT d m a -> SafeAccessT d m a
singleCapability :: (Applicative f, Eq d) => d -> Capability f d
someCapabilities :: (Applicative f, Eq d) => [d] -> Capability f d
passthroughCapability :: Applicative f => Capability f d
liftExceptT :: ExceptT d m a -> SafeAccessT d m a
liftCapability :: (Monad m, MonadTrans t) => Capability m d -> Capability (t m) d

Documentation

newtype Capability m d Source #

Allow things to be accessed. See ensureAccess.

d is the type describing an access.

Constructors

MkCapability
Fields runCapability :: d -> m AccessDecision

Instances

Applicative m => Semigroup (Capability m d) Source #
Instance details Defined in Control.SafeAccess Methods (<>) :: Capability m d -> Capability m d -> Capability m d # sconcat :: NonEmpty (Capability m d) -> Capability m d # stimes :: Integral b => b -> Capability m d -> Capability m d #
Applicative m => Monoid (Capability m d) Source #
Instance details Defined in Control.SafeAccess Methods mempty :: Capability m d # mappend :: Capability m d -> Capability m d -> Capability m d # mconcat :: [Capability m d] -> Capability m d #

type Capabilities m d = [Capability m d] Source #

data AccessDecision Source #

Control the decision process.

The constructors are ordered by prevalence. For instance, if two capabilities respectively return AccessGranted and AccessDenied, the final decision will be AccessDenied.

Constructors

AccessDeniedSoft	No but another `Capability` can still decide to grant
AccessGranted	Final yes (see explanation)
AccessDenied	Final no

Instances

Eq AccessDecision Source #
Instance details Defined in Control.SafeAccess Methods (==) :: AccessDecision -> AccessDecision -> Bool # (/=) :: AccessDecision -> AccessDecision -> Bool #
Show AccessDecision Source #
Instance details Defined in Control.SafeAccess Methods showsPrec :: Int -> AccessDecision -> ShowS # show :: AccessDecision -> String # showList :: [AccessDecision] -> ShowS #
Semigroup AccessDecision Source #
Instance details Defined in Control.SafeAccess Methods (<>) :: AccessDecision -> AccessDecision -> AccessDecision # sconcat :: NonEmpty AccessDecision -> AccessDecision # stimes :: Integral b => b -> AccessDecision -> AccessDecision #
Monoid AccessDecision Source #
Instance details Defined in Control.SafeAccess Methods mempty :: AccessDecision # mappend :: AccessDecision -> AccessDecision -> AccessDecision # mconcat :: [AccessDecision] -> AccessDecision #

newtype SafeAccessT d m a Source #

A simple monad transformer to ensure that data are accessed legitimately.

The return value is either the description of an access having been denied (left) or the result of the normal computation (right).

Constructors

SafeAccessT
Fields runSafeAccessT :: Capabilities m d -> m (Either d a)

Instances

MonadWriter w m => MonadWriter w (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods writer :: (a, w) -> SafeAccessT d m a # tell :: w -> SafeAccessT d m () # listen :: SafeAccessT d m a -> SafeAccessT d m (a, w) # pass :: SafeAccessT d m (a, w -> w) -> SafeAccessT d m a #
MonadState s m => MonadState s (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods get :: SafeAccessT d m s # put :: s -> SafeAccessT d m () # state :: (s -> (a, s)) -> SafeAccessT d m a #
MonadReader r m => MonadReader r (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods ask :: SafeAccessT d m r # local :: (r -> r) -> SafeAccessT d m a -> SafeAccessT d m a # reader :: (r -> a) -> SafeAccessT d m a #
MonadError e m => MonadError e (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods throwError :: e -> SafeAccessT d m a # catchError :: SafeAccessT d m a -> (e -> SafeAccessT d m a) -> SafeAccessT d m a #
Monad m => MonadSafeAccess d (SafeAccessT d m) m Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: SafeAccessT d m (Capabilities m d) Source # liftSub :: m a -> SafeAccessT d m a Source # denyAccess :: d -> SafeAccessT d m () Source # catchAccessError :: SafeAccessT d m a -> (d -> SafeAccessT d m a) -> SafeAccessT d m a Source #
MonadTrans (SafeAccessT d) Source #
Instance details Defined in Control.SafeAccess Methods lift :: Monad m => m a -> SafeAccessT d m a #
Monad m => Monad (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods (>>=) :: SafeAccessT d m a -> (a -> SafeAccessT d m b) -> SafeAccessT d m b # (>>) :: SafeAccessT d m a -> SafeAccessT d m b -> SafeAccessT d m b # return :: a -> SafeAccessT d m a # fail :: String -> SafeAccessT d m a #
Functor f => Functor (SafeAccessT d f) Source #
Instance details Defined in Control.SafeAccess Methods fmap :: (a -> b) -> SafeAccessT d f a -> SafeAccessT d f b # (<$) :: a -> SafeAccessT d f b -> SafeAccessT d f a #
Applicative f => Applicative (SafeAccessT d f) Source #
Instance details Defined in Control.SafeAccess Methods pure :: a -> SafeAccessT d f a # (<>) :: SafeAccessT d f (a -> b) -> SafeAccessT d f a -> SafeAccessT d f b # liftA2 :: (a -> b -> c) -> SafeAccessT d f a -> SafeAccessT d f b -> SafeAccessT d f c # (>) :: SafeAccessT d f a -> SafeAccessT d f b -> SafeAccessT d f b # (<*) :: SafeAccessT d f a -> SafeAccessT d f b -> SafeAccessT d f a #
MonadIO m => MonadIO (SafeAccessT d m) Source #
Instance details Defined in Control.SafeAccess Methods liftIO :: IO a -> SafeAccessT d m a #

class (Monad m, Monad s) => MonadSafeAccess d m s | m -> s, m -> d where Source #

Methods

getCapabilities :: m (Capabilities s d) Source #

liftSub :: s a -> m a Source #

denyAccess :: d -> m () Source #

catchAccessError :: m a -> (d -> m a) -> m a Source #

Catch an access error, i.e. an access descriptor which resulted into an access denied given the capabilities.

Instances

MonadSafeAccess d m s => MonadSafeAccess d (MaybeT m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: MaybeT m (Capabilities s d) Source # liftSub :: s a -> MaybeT m a Source # denyAccess :: d -> MaybeT m () Source # catchAccessError :: MaybeT m a -> (d -> MaybeT m a) -> MaybeT m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (ListT m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: ListT m (Capabilities s d) Source # liftSub :: s a -> ListT m a Source # denyAccess :: d -> ListT m () Source # catchAccessError :: ListT m a -> (d -> ListT m a) -> ListT m a Source #
(MonadSafeAccess d m s, Monoid w) => MonadSafeAccess d (WriterT w m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: WriterT w m (Capabilities s d) Source # liftSub :: s a -> WriterT w m a Source # denyAccess :: d -> WriterT w m () Source # catchAccessError :: WriterT w m a -> (d -> WriterT w m a) -> WriterT w m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (IdentityT m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: IdentityT m (Capabilities s d) Source # liftSub :: s a -> IdentityT m a Source # denyAccess :: d -> IdentityT m () Source # catchAccessError :: IdentityT m a -> (d -> IdentityT m a) -> IdentityT m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (StateT s' m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: StateT s' m (Capabilities s d) Source # liftSub :: s a -> StateT s' m a Source # denyAccess :: d -> StateT s' m () Source # catchAccessError :: StateT s' m a -> (d -> StateT s' m a) -> StateT s' m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (ExceptT e m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: ExceptT e m (Capabilities s d) Source # liftSub :: s a -> ExceptT e m a Source # denyAccess :: d -> ExceptT e m () Source # catchAccessError :: ExceptT e m a -> (d -> ExceptT e m a) -> ExceptT e m a Source #
Monad m => MonadSafeAccess d (SafeAccessT d m) m Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: SafeAccessT d m (Capabilities m d) Source # liftSub :: m a -> SafeAccessT d m a Source # denyAccess :: d -> SafeAccessT d m () Source # catchAccessError :: SafeAccessT d m a -> (d -> SafeAccessT d m a) -> SafeAccessT d m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (ReaderT r m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: ReaderT r m (Capabilities s d) Source # liftSub :: s a -> ReaderT r m a Source # denyAccess :: d -> ReaderT r m () Source # catchAccessError :: ReaderT r m a -> (d -> ReaderT r m a) -> ReaderT r m a Source #
MonadSafeAccess d m s => MonadSafeAccess d (ContT e m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: ContT e m (Capabilities s d) Source # liftSub :: s a -> ContT e m a Source # denyAccess :: d -> ContT e m () Source # catchAccessError :: ContT e m a -> (d -> ContT e m a) -> ContT e m a Source #
(MonadSafeAccess d m s, Monoid w) => MonadSafeAccess d (RWST r w st m) s Source #
Instance details Defined in Control.SafeAccess Methods getCapabilities :: RWST r w st m (Capabilities s d) Source # liftSub :: s a -> RWST r w st m a Source # denyAccess :: d -> RWST r w st m () Source # catchAccessError :: RWST r w st m a -> (d -> RWST r w st m a) -> RWST r w st m a Source #

ensureAccess :: MonadSafeAccess d m s => d -> m () Source #

Check that the access is legal or make the monad "fail".

unsecureAllow :: (Monad m, Eq d) => [d] -> SafeAccessT d m a -> SafeAccessT d m a Source #

Allow certain accesses regardless of the capabilities. (unsecure!)

singleCapability :: (Applicative f, Eq d) => d -> Capability f d Source #

Create a capability which only allows a given access

someCapabilities :: (Applicative f, Eq d) => [d] -> Capability f d Source #

Create a capability which only allows given accesses

passthroughCapability :: Applicative f => Capability f d Source #

A special capability which allows every access. Be careful with this!

liftExceptT :: ExceptT d m a -> SafeAccessT d m a Source #

Lift an action from ErrorT to SafeAccessT.

liftCapability :: (Monad m, MonadTrans t) => Capability m d -> Capability (t m) d Source #