About policies

# api code
  authorization do
    authorize :by_default
  end

# organization code
  policies do
    policy always() do
      authorize_if relates_to_actor_via(:users)
    end
  end

# code interface usage
Accounts.Organization.list!()
# [debug] QUERY OK source="acl_organizations" db=3.4ms idle=1311.1ms
#SELECT a0."id", a0."subject" FROM "acl_organizations" AS a0 []

Accounts.Organization.list!(authorize?: true)
# Policy | 🔎:
#   authorize if: record.users == actor | ✘ | 🔎

Accounts.Organization.list!(actor: current_user)
# Policy | 🔎:
#   authorize if: record.users == actor | ✓ | 🔎

# NOTE: Query little bit more complex because it has many to many relationship with actor
# [debug] QUERY OK source="acl_organizations" db=6.1ms queue=0.1ms idle=1397.1ms
# SELECT a0."id", a0."subject" FROM "acl_organizations" AS a0 WHERE (exists((SELECT 1 FROM "public"."acl_users" AS sa0 INNER JOIN "public"."acl_organization_user" AS sa1 ON (sa1."user_id" = sa0."id") AND (a0."id" = sa1."organization_id") WHERE (sa0."id"::uuid = $1::uuid)))) ["feeee177-9287-42c7-9bd4-d8372814b75f"]