[Haskell-cafe] Role based access control via monads or arrows or... something

David Roundy droundy at darcs.net
Thu Apr 3 09:18:13 EDT 2008

On Thu, Apr 03, 2008 at 12:45:49AM +0000, Luke Palmer wrote:
> 2008/4/2 porrifolius <porrifolius at gmail.com>:
> >   (7) ideally required permissions would appear (and accumulate) in
> >  type signatures via inference so application code knows which are
> >  required and type checker can reject static/dynamic role constraint
> >  violations
> If you mean what I think you mean by "dynamic", that these are runtime
> permissions, then you're not going to get the type checker to check
> them... of course.  What did you mean by dynamic?

With GADTs you can certainly get pretty easy compile-time type checking of
dynamic constraints.  The catch is that GADTs aren't properly integrated
with type classes, and this sort of permissions problem may not be
expressible without class constraints, in which case the system may require
olegish code complexity.

At the simplest (and stupidest) level, one could define

data CanReadA
data CanReadB
-- etc

data HavePermission perms where
   HaveAPerm :: HavePermission CanReadA
   HaveBPerm :: HavePermission CanReadB

and if you then restricted access to the constructors of HavePermission,
you could write code like

data RestrictedData permrequired a = Data a
-- constructor obviously not exported, or you'd lose any safety

readRestrictedData :: HavePermission perm -> RestrictedData perm a -> a

and now if you export readRestrictedData only, then only folks with the
proper permissions could access the data (and this could be done at

But this is far from an elegant or satisfactory (or complete) solution.
David Roundy
Department of Physics
Oregon State University

More information about the Haskell-Cafe mailing list