Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
(defn wrap-enforce-roles [handler]
(fn [{::keys [roles request-method] :as request}]
(let [required (some-> request (ring/get-match) :data request-method ::roles)]
(if (and (seq required) (not (set/subset? required roles)))
{:status 403, :body "forbidden"}
(handler request)))))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment