# ExBouncer :muscle:

An authorization library :cop: in Elixir :sake: for Plug applications that restricts what resources the current user/admin or any role is allowed to access.

Use this in any of your plug module, where you fetch the current user or admin. You could then halt the chain, even before it reaches the controller.

## Installation

**Dependencies**: Make sure you have Erlang 18+ version installed and Elixir 1.x version.

  1. Add exbouncer to your list of dependencies in `mix.exs`:

    ```elixir
    def deps do
      [{:exbouncer, "~> 0.0.1"}]
    end
    ```

  2. Ensure exbouncer is started before your application:

    ```elixir
    def application do
      [applications: [:exbouncer]]
    end
    ```

  3. Define a `ExBouncer.Entries` module with authorization logic

    ```elixir
    defmodule ExBouncer.Entries do
      import ExBouncer.Base

      bouncer_for %User{role: :admin}, [
        ["api", "users", _],
        {"DELETE", ["api", "posts", _]}
      ]
    end
    ```
## Usage

In your plug, once you identify the appropriate resource (say: a current user), you can pass it to check if they are allowed to visit the route.


```elixir
ExBouncer.allow_resource?(%User{role: :admin}, conn)
#=> true
```

```elixir
ExBouncer.allow_visitor?(conn)
#=> false
```

For every `bouncer_for` for a particular resource (say %User{}) is made, then for that route `allow_visitor?\1` would be false.

Begin your code :boom: Bonne Chance :metal: