6 replies

Referencing action argument in policy

Ash

Hey all. I have a

create

create

action where the argument is an instance of my

Maps.Map

Maps.Map

struct, like so

create :add_to_map do
  accept [:name]

  argument :map, :struct,
    allow_nil?: false,
    constraints: [instance_of: Maps.Map]

  ...
end

create :add_to_map do
  accept [:name]

  argument :map, :struct,
    allow_nil?: false,
    constraints: [instance_of: Maps.Map]

  ...
end

Maps.Map

Maps.Map

has a

belongs_to

belongs_to

relationship with a

User

User

. I'm trying to set up a policy so that only the owner of the map can use the

create

create

action above.

I can get this to work by using

matches

matches

, but it feels like there's a more built-in way I should be able to do this.

   policy action_type(:create) do
      access_type :strict

      authorize_if matches("lorem ipsum", fn actor, context ->
                     context.changeset.arguments.map.user_id == actor.id
                   end)

    end

   policy action_type(:create) do
      access_type :strict

      authorize_if matches("lorem ipsum", fn actor, context ->
                     context.changeset.arguments.map.user_id == actor.id
                   end)

    end

I've tried

context_equals

context_equals

like so but this doesn't work

      authorize_if context_equals([:arguments, :map, :user_id], expr(^actor(:id)))

      authorize_if context_equals([:arguments, :map, :user_id], expr(^actor(:id)))

I know I can also write a

SimpleCheck

SimpleCheck

module that defines the same logic above, but this feels like something there would be a built in way to handle.

Thanks

Ash Framework•5mo ago•

6 replies

matt_savvy

Referencing action argument in policy

Ash

Hey all. I have a

create

create

action where the argument is an instance of my

Maps.Map

Maps.Map

struct, like so

create :add_to_map do
  accept [:name]

  argument :map, :struct,
    allow_nil?: false,
    constraints: [instance_of: Maps.Map]

  ...
end

create :add_to_map do
  accept [:name]

  argument :map, :struct,
    allow_nil?: false,
    constraints: [instance_of: Maps.Map]

  ...
end

Maps.Map

Maps.Map

has a

belongs_to

belongs_to

relationship with a

User

User

. I'm trying to set up a policy so that only the owner of the map can use the

create

create

action above.

I can get this to work by using

matches

matches

, but it feels like there's a more built-in way I should be able to do this.

   policy action_type(:create) do
      access_type :strict

      authorize_if matches("lorem ipsum", fn actor, context ->
                     context.changeset.arguments.map.user_id == actor.id
                   end)

    end

   policy action_type(:create) do
      access_type :strict

      authorize_if matches("lorem ipsum", fn actor, context ->
                     context.changeset.arguments.map.user_id == actor.id
                   end)

    end

I've tried

context_equals

context_equals

like so but this doesn't work

      authorize_if context_equals([:arguments, :map, :user_id], expr(^actor(:id)))

      authorize_if context_equals([:arguments, :map, :user_id], expr(^actor(:id)))

I know I can also write a

SimpleCheck

SimpleCheck

module that defines the same logic above, but this feels like something there would be a built in way to handle.

Thanks

Referencing action argument in policy

Similar Threads

Referencing action argument in policy

Similar Threads

Similar Threads

Similar Threads