15 replies

Can I pass an argument to a custom policy check

I have the following resources:

publisher

publisher

book

book

chapter

chapter

user

user

permissions

permissions

.

My relationships look like the following:

Users

Users

are given

permissions

permissions

to a publisher. These permissions are an array of arbitrary strings.

Books

Books

are directly related to a

publisher

publisher

, and

chapter

chapter

belong to the

book

book

directly, but not the

publisher

publisher

.

Problem:
I want to check if a user has the correct permissions for the given

publisher

publisher

that's passed in as an argument for the changesets for both the

book

book

and

chapter

chapter

resources. I thought I could do something along the lines of

authorize_if expr(has_create_permissions(actor, publisher, permissions))

authorize_if expr(has_create_permissions(actor, publisher, permissions))

but I'm having trouble figuring out where I should be defining the

has_create_permissions

has_create_permissions

function.

Is this something I can (or even should) do?