AE
Ash Elixir2y ago
edwinofdawn

Policies Usage

I am guessing policies always get evaluated before the action is called. Can I set an argument based on the results of a policies evaluation ?
5 Replies
ZachDaniel
ZachDaniel2y ago
Not really, no. The policies failing results in a Forbidden error, so the rest of the action isn't called. Could you tell me a bit more about wha tyou're trying to do?
edwinofdawn
edwinofdawnOP2y ago
I was trying to avoid code forking and using the same action to filter and return results depending on whether the user is an admin or normal member I opted against it though
ZachDaniel
ZachDaniel2y ago
You can do that with filter policies 
policy [action_type(:read)] do
  authorize_if IsAdmin
  authorize_if expr(some filter condition)
end
policy [action_type(:read)] do
  authorize_if IsAdmin
  authorize_if expr(some filter condition)
end
That would allow admins to see everything, and would apply the filter in the second check if the user is not an admin
moxley
moxley2y ago
The problem @edwinofdawn is trying to solve is to apply looser filtering on the underlying database query if the argument is passed. This is for the use case where an Admin UI needs to display more data for the admin case. Then when the same admin user visits another UI that is designed to be consumed by regular users, the data returned by the query should be the same as if it were requested by a regular user. However, we've now realize this thinking is rooted in a non-Ash worldview, where creating new API endpoints (GraphQL queries) was expensive. With Ash, creating new queries is relatively inexpensive, so that's what we're going to do.
ZachDaniel
ZachDaniel2y ago
Ah, yeah exactly. Id have a read action specifically for that page that applies the filter globally.

Did you find this page helpful?