PublicShow sourcepep.pl -- SWISH PEP (Policy Enforcement Point)

This module implements the Policy Enforcement Point. It is called by modules that perform operations that may not be publically accessible. Examples are:

Source authorized(+Action, +Options) is det
Verify that Action is authorized. Options:
indentity(+Identity)
Indentity is the identity dict as collected by autenticate.pl.

Actions defined:

throws
- http_reply(forbidden(URL)) if the action is not allowed. Can we generate a JSON error object?
Source ws_authorized(+Action, +WSUser) is semidet
True when WSUser is allowed to perform action. WSUser is a dict containing the user info as provided by chat_add_user_id/3. It notably has a key profile_id if the user is logged on.
To be done
- Generalise. Notably, how do we get the identity as authenticate/2 returns?
Source approve(+Action, +Id)[multifile]
Source deny(+Action, +Id)[multifile]
 swish_config:approve(+Action, +Identity, -Approve) is semidet[multifile]
This hook is called by approve/2 and deny/2 before the default rules. If this hook succeeds it must unify Approve with true or false. Action is approved if Approve is true.
Source pengines:not_sandboxed(+User, +Application) is semidet[multifile]
Called by Pengines to see whether User may call non-sandboxed operations in Application.