Various updates.

src/api.js

@@ -71,7 +71,9 @@ let checkAuthorization
 
 function authorized () {}
 // function forbiddden () {
-//   throw new Unauthorized()
+//   // We don't care about an error object.
+//   /* eslint no-throw-literal: 0 */
+//   throw null
 // }
 function checkMemberAuthorization (member) {
   return function (userId, object, permission) {
@@ -129,13 +131,13 @@ function throwIfFail (success) {
   }
 }
 
-function defaultCheckAuthorization (userId, object) {
-  return this.canAccess(userId, object.id).then(throwIfFail)
+function defaultCheckAuthorization (userId, object, permission) {
+  return this.canAccess(userId, object.id, permission).then(throwIfFail)
 }
 
-checkAuthorization = Bluebird.method(function (userId, object) {
+checkAuthorization = Bluebird.method(function (userId, object, permission) {
   const fn = checkAuthorizationByTypes[object.type] || defaultCheckAuthorization
-  return fn.call(this, userId, object)
+  return fn.call(this, userId, object, permission)
 })
 
 function resolveParams (method, params) {
@@ -153,7 +155,7 @@ function resolveParams (method, params) {
   const isAdmin = this.user.hasPermission('admin')
 
   const promises = []
-  forEach(resolve, ([param, types, permission], key) => {
+  forEach(resolve, ([param, types, permission = 'administrate'], key) => {
     const id = params[param]
     if (id === undefined) {
       return

src/collection/redis.js

@@ -63,12 +63,12 @@ export default class Redis extends Collection {
     // TODO: remove “replace” which is a temporary measure, implement
     // “set()” instead.
 
-    const {indexes, prefix, redis} = this
+    const {indexes, prefix, redis, idPrefix = ''} = this
 
     return Bluebird.map(models, coroutine(function * (model) {
       // Generate a new identifier if necessary.
       if (model.id === undefined) {
-        model.id = String(yield redis.incr(prefix + '_id'))
+        model.id = idPrefix + String(yield redis.incr(prefix + '_id'))
       }
 
       const success = yield redis.sadd(prefix + '_ids', model.id)

src/models/group.js

@@ -14,6 +14,10 @@ export class Groups extends Collection {
     return Group
   }
 
+  get idPrefix () {
+    return 'group:'
+  }
+
   create (name) {
     return this.add(new Group({
       name,

src/xo.js

@@ -151,12 +151,9 @@ export default class Xo extends EventEmitter {
 
   // -----------------------------------------------------------------
 
-  async addAcl (subject, object, role) {
-    subject = (await this.getUser(subject)).id
-    object = this.getObject(object).id
-
+  async addAcl (subjectId, objectId, action) {
     try {
-      await this._acls.create(subject, object, role)
+      await this._acls.create(subjectId, objectId, action)
     } catch (error) {
       if (!(error instanceof ModelAlreadyExists)) {
         throw error
@@ -164,12 +161,12 @@ export default class Xo extends EventEmitter {
     }
   }
 
-  async removeAcl (subject, object, role) {
-    await this._acls.delete(subject, object, role)
+  async removeAcl (subjectId, objectId, action) {
+    await this._acls.delete(subjectId, objectId, action)
   }
 
-  async getAclsForSubject (subject) {
-    return this._acls.get({ subject })
+  async getAclsForSubject (subjectId) {
+    return this._acls.get({ subject: subjectId })
   }
 
   // TODO: remove when new collection.