Refactor Permissions to streamline api #26
Description
As a developer and user of twigs I want the twigs.security package to have a consistent api.
Acceptance Criteria
- twigs.security is refactoreed
- PermissionsProvider/Permissions is renamed to Authorizer (PermissionEvaluator uses Authorizer)
- User loading and clearing of security context ("logout") is refactored
- custom registered userLoader function must return a promise: is resolved to a valid user object or rejected!
The following methods should return promises, so that they can also be used wihtout ProtectedRoutes.
hasPermission()
If user is not yet loaded, wait for loaded user, then evaluate. Will return a promise that resolves to either true or false.
hasRole()
If user is not yet loaded, wait for loaded user, then evaluate. Will return a promise that resolves to either true or false.
isAuthenticated()
If user is not yet loaded, wait for loaded user, then evaluate. Will return a promise that resolves to either true or false.
The "clearSecurityContext()" method rejects the currently pending user request if any (promise). Then clears the stored user object (if any) and permissions.