Use Policy.SimpleCheck inside an expr

Right now I have the following policy:

policy action([...]) do
      forbid_if MarketsChecks.NotConfirmedYet
      forbid_unless MarketsChecks.IsInvestor
      authorize_if always()
 end

policy action([...]) do
      forbid_if MarketsChecks.NotConfirmedYet
      forbid_unless MarketsChecks.IsInvestor
      authorize_if always()
 end

As you can see, the second policy checks if the actor is an investor and forbids access if it is not. Now I want to change that policy a little bit, I want to allow it not only if it is an investor, but also if it is an agent. I could just create an IsInvestorOrAgent SimpleCheck, but I would prefer to just create an IsAgent and use it inside an expression with both checks, something like this:

policy action([...]) do
      forbid_if MarketsChecks.NotConfirmedYet
      forbid_unless expr(MarketsChecks.IsInvestor or MarketsChecks.IsAgent)
      authorize_if always()
 end

policy action([...]) do
      forbid_if MarketsChecks.NotConfirmedYet
      forbid_unless expr(MarketsChecks.IsInvestor or MarketsChecks.IsAgent)
      authorize_if always()
 end

Right now this doesn't seem to work though

4 Replies

ZachDaniel•3y ago

Correct, you can’t use checks that way In an expression like that I mean

BlibsOP•3y ago

What would you suggest as an alternative in this case? Create an IsInvestorOrAgent check?

ZachDaniel•3y ago

That, or reword your policies/checks to mix them properly. For instance, add an authorize_if for both And then remove the authorize_if always

BlibsOP•3y ago

Got it, thanks!

Gaming

Programming

Use Policy.SimpleCheck inside an expr

Did you find this page helpful?