From bd09750403e0f0ed7add2b9198fb7cb74f0aeb34 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Wed, 13 Sep 2006 23:59:49 +0000
Subject: Add the default_check() call to check a principal against the default
 ACL for a particular object type.

---
 doc/design-api | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'doc/design-api')

diff --git a/doc/design-api b/doc/design-api
index 39d160b..0af6862 100644
--- a/doc/design-api
+++ b/doc/design-api
@@ -61,6 +61,19 @@ Object API
     display, or undef on error.  On error, the caller should call error()
     to get the error text.
 
+  default_check(PRINCIPAL)
+
+    Applies the default authorization rules for this object type, if any,
+    and returns 1 if those default authorization rules allow access.  If
+    there are no authorization rules or if they don't allow access,
+    returns 0.  On error, returns undef; the caller should call error() to
+    get the error text.
+
+  error()
+
+    Returns the error text from the last failed get(), store(), show(), or
+    default_check() call.
+
 ACL API
 
   new()
-- 
cgit v1.2.3