Error in action when policy is added
I have this action on the DashboardGroup resource:
Attributes:
Relationships:
Policy:
Struggling with tests. I have this:
The second to last line is giving an error:
But inside LV modules, trying to get a dashboard group by id when the actor does not have permission results in
read :get_by_id do
get? true
argument :id, :uuid, allow_nil?: false
argument :organization_id, :uuid, allow_nil?: false
filter expr(id == ^arg(:id))
endread :get_by_id do
get? true
argument :id, :uuid, allow_nil?: false
argument :organization_id, :uuid, allow_nil?: false
filter expr(id == ^arg(:id))
endAttributes:
attributes do
uuid_primary_key :id
attribute :name, :string
attribute :student_filter, :map
attribute :educator_id, :uuid
attribute :organization_id, :uuid
create_timestamp :inserted_at
update_timestamp :updated_at
endattributes do
uuid_primary_key :id
attribute :name, :string
attribute :student_filter, :map
attribute :educator_id, :uuid
attribute :organization_id, :uuid
create_timestamp :inserted_at
update_timestamp :updated_at
endRelationships:
belongs_to :educator, User do
source_attribute :educator_id
destination_attribute :id
endbelongs_to :educator, User do
source_attribute :educator_id
destination_attribute :id
endPolicy:
policy action(:get_by_id) do
authorize_if relates_to_actor_via(:educator)
endpolicy action(:get_by_id) do
authorize_if relates_to_actor_via(:educator)
endStruggling with tests. I have this:
test "get_by_id/3", ctx do
group = generate(dashboard_group(organization_id: ctx.parent_org.id, educator_id: ctx.user.id))
{:ok, group} = DashboardGroup.get_by_id(group.id, ctx.parent_org.id, actor: ctx.user)
assert is_nil(group) == false
user2 = generate(user(type: :educator, first_name: "Bob", last_name: "Marley"))
generate(organization_member(user_id: user2.id, organization_id: ctx.parent_org.id, role: :base))
group2 = generate(dashboard_group(organization_id: ctx.parent_org.id, educator_id: user2.id))
{:ok, group2} = DashboardGroup.get_by_id(group2.id, ctx.parent_org.id, actor: ctx.user)
assert is_nil(group2) == true
endtest "get_by_id/3", ctx do
group = generate(dashboard_group(organization_id: ctx.parent_org.id, educator_id: ctx.user.id))
{:ok, group} = DashboardGroup.get_by_id(group.id, ctx.parent_org.id, actor: ctx.user)
assert is_nil(group) == false
user2 = generate(user(type: :educator, first_name: "Bob", last_name: "Marley"))
generate(organization_member(user_id: user2.id, organization_id: ctx.parent_org.id, role: :base))
group2 = generate(dashboard_group(organization_id: ctx.parent_org.id, educator_id: user2.id))
{:ok, group2} = DashboardGroup.get_by_id(group2.id, ctx.parent_org.id, actor: ctx.user)
assert is_nil(group2) == true
endThe second to last line is giving an error:
** (MatchError) no match of right hand side value: {:error, %Ash.Error.Invalid{errors: [%Ash.Error.Query.NotFound{primary_key: nil, resource: MyApp.Ash.Dashboards.DashboardGroup, splode: Ash.Error, bread_crumbs: [], vars: [], path: [], stacktrace: #Splode.Stacktrace<>, class: :invalid}]}}** (MatchError) no match of right hand side value: {:error, %Ash.Error.Invalid{errors: [%Ash.Error.Query.NotFound{primary_key: nil, resource: MyApp.Ash.Dashboards.DashboardGroup, splode: Ash.Error, bread_crumbs: [], vars: [], path: [], stacktrace: #Splode.Stacktrace<>, class: :invalid}]}}But inside LV modules, trying to get a dashboard group by id when the actor does not have permission results in
{:ok, nil}{:ok, nil}
