AE
Ash Elixir2y ago
barnabasj

Ambiguous Call during Compile because of Extension

I'm creating an extension and I tried adding an actions option to it, but it won't compile the resources anymore because it cant tell which actions function to use. 
  == Compilation error in file test/support/policy.ex ==
** (CompileError) test/support/policy.ex:52: function actions/1 imported from both Demo.Extensions.Rbac.Rbac.Role.Options and Ash.Resource.Dsl, call is ambiguous
    expanding macro: Demo.Extensions.Rbac.Rbac.Role.role/3
    test/support/policy.ex:51: PolicyTestSupport.RootResource (module)
    expanding macro: Demo.Extensions.Rbac.rbac/1
    test/support/policy.ex:48: PolicyTestSupport.RootResource (module)
  == Compilation error in file test/support/policy.ex ==
** (CompileError) test/support/policy.ex:52: function actions/1 imported from both Demo.Extensions.Rbac.Rbac.Role.Options and Ash.Resource.Dsl, call is ambiguous
    expanding macro: Demo.Extensions.Rbac.Rbac.Role.role/3
    test/support/policy.ex:51: PolicyTestSupport.RootResource (module)
    expanding macro: Demo.Extensions.Rbac.rbac/1
    test/support/policy.ex:48: PolicyTestSupport.RootResource (module)
Extension definition: 
 @role %Spark.Dsl.Entity{
    name: :role,
    describe: "If the check is true, the request is forbidden, otherwise run remaining checks.",
    target: Role,
    args: [:role, :fields],
    links: [],
    schema: [
      role: [
        type: :atom,
        required: true,
        doc: """
        The role this config is for
        """
      ],
      fields: [
        type: {:list, :atom},
        required: true,
        doc: """
        The fields the role has access to
        """
      ],
      allowed_actions: [
        type: {:list, :atom},
        required: false,
        doc: """
        The actions the role has access to
        """
      ]
    ],
    examples: [
      "role :user, [:id, :name]"
    ]
  }

  @rbac %Spark.Dsl.Section{
    name: :rbac,
    describe: @moduledoc,
    examples: [
      """
      rbac do
        bypass :admin
        role :user, [:name] do
          actions [:read]
        end
      end
      """
    ],
    schema: [
      bypass: [
        type: :atom,
        doc: "Role that is allowed to bypass authorization"
      ],
      public?: [
        type: :boolean,
        doc: "Allow all access",
        default: false
      ]
    ],
    entities: [
      @role
    ]
  }
 @role %Spark.Dsl.Entity{
    name: :role,
    describe: "If the check is true, the request is forbidden, otherwise run remaining checks.",
    target: Role,
    args: [:role, :fields],
    links: [],
    schema: [
      role: [
        type: :atom,
        required: true,
        doc: """
        The role this config is for
        """
      ],
      fields: [
        type: {:list, :atom},
        required: true,
        doc: """
        The fields the role has access to
        """
      ],
      allowed_actions: [
        type: {:list, :atom},
        required: false,
        doc: """
        The actions the role has access to
        """
      ]
    ],
    examples: [
      "role :user, [:id, :name]"
    ]
  }

  @rbac %Spark.Dsl.Section{
    name: :rbac,
    describe: @moduledoc,
    examples: [
      """
      rbac do
        bypass :admin
        role :user, [:name] do
          actions [:read]
        end
      end
      """
    ],
    schema: [
      bypass: [
        type: :atom,
        doc: "Role that is allowed to bypass authorization"
      ],
      public?: [
        type: :boolean,
        doc: "Allow all access",
        default: false
      ]
    ],
    entities: [
      @role
    ]
  }
20 Replies
ZachDaniel
ZachDaniel2y ago
How strange, I could have sworn I fixed this in spark main I’ll have to reproduce this specific issue instead of approximating it in spark. @barnabasj could you DM me the entire extension? I could paste it into one of my own apps potentially?
barnabasj
barnabasjOP2y ago
sure, might opensource it later on anyway
ZachDaniel
ZachDaniel2y ago
So this isn't an error in my app when using spark main... 
  rbac do
    role :user, [:id, :name] do
      actions([:create])
    end
  end
  rbac do
    role :user, [:id, :name] do
      actions([:create])
    end
  end
barnabasj
barnabasjOP2y ago
that's strange, I have the same thing and it gives me a compile error. let me try again.
ZachDaniel
ZachDaniel2y ago
make sure to mix deps.update spark and that you're pointed at main
barnabasj
barnabasjOP2y ago
ah, the stuff I sent you. I changed actions to allowed_actions in there to make it work for now
ZachDaniel
ZachDaniel2y ago
huh. ohhhh wow so that was actually opening up the actions block :what:
barnabasj
barnabasjOP2y ago
yup
ZachDaniel
ZachDaniel2y ago
oh, yeah okay, hm... the reason it passed my tests is because its all from the same extension but it can't know to do this for other extensions this ones a thinker I think I'm going to have to do something very ugly but that its doable perhaps okay, should be fixed in main 🙂
barnabasj
barnabasjOP2y ago
compiling... compiled successfully 🚀
ZachDaniel
ZachDaniel2y ago
🥳
jart
jart2y ago
@barnabasj glad you and Zach got it sorted. I’m interested in what you learned writing an RBAC and whether you’re able to share any code? We’ve talked about writing one as part of the ecosystem so keen to know more.
barnabasj
barnabasjOP2y ago
Have to talk to some people first, let me get back to you on this tomorrow
jart
jart2y ago
I figured. Take your time.
barnabasj
barnabasjOP2y ago
We moved the code into a separate repository and should be able to open that up by the end of the week or so
jart
jart2y ago
That’s awesome. Thank you.
barnabasj
barnabasjOP2y ago
it's open now https://github.com/traveltechdeluxe/ash-rbac
GitHub
GitHub - traveltechdeluxe/ash-rbac
Contribute to traveltechdeluxe/ash-rbac development by creating an account on GitHub.
ZachDaniel
ZachDaniel2y ago
you should add this to #showcase 😄
natterstefan
natterstefan2y ago
🚀
jart
jart2y ago
Awesome!

Did you find this page helpful?