lifeofdan
AEAsh Elixir
•Created by lifeofdan on 3/16/2023 in #support
Resource interactions
Okay, great. I'll try and take a look at that. Thank you very much. 🙂
6 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
Thank you for taking so much time and really explaining this. You answered my first questions ages ago, but now I am really getting a whole picture.
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
Right, okay, this is all starting to make sense now.
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
So why does, this not work.
forbid_unless expr(bank_account_id != ^actor(:id))34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
interesting...
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
So would you say returning an
:ok with no data is more secure than returning forbidden?34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
forbid_if seems to work differently?
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
Right. That is interesting. I think the "authorize" wording confused me. In essence the expr() is saying, this person is authorized to access data but only this particular data so only return that. When I think of "authorize" I think "can they do this at all". I suppose the authorize_if works similar to graphql, which also posts the data then has to check if it can return.
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
Okay, that seems to work in the same manner as using
authorize_if relates_to_actor_via(:bank_account) in that, when doing a query to read a transaction, if an actor is passed at all, even an incorrect one, it will return {:ok, []} . So it does not return anything, but it does say :ok. Is this the expected behaviour? I was expecting it to return :error34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
I have a feeling I'm not importing something I need to be.
34 replies
AEAsh Elixir
•Created by lifeofdan on 3/13/2023 in #support
Using args in policies
Here is a picture of the relevant section
34 replies
AEAsh Elixir
•Created by lifeofdan on 2/26/2023 in #support
No actor, policy enforcement.
Awesome! 😄
10 replies
AEAsh Elixir
•Created by lifeofdan on 2/26/2023 in #support
No actor, policy enforcement.
Okay, excellent. I'll give that a read and take those steps to secure the endpoint. Thank you, very much!
10 replies
AEAsh Elixir
•Created by lifeofdan on 2/24/2023 in #support
Set up testing
Yeah, I'm sure I would not document it either if I was creating a library for a language I was familiar with. 🙂 Thank you very much for your help and kindness in your response. 🙂
7 replies
AEAsh Elixir
•Created by lifeofdan on 2/24/2023 in #support
Set up testing
Thank you, that is exactly what I needed. Where should I have looked for this information, is this a basic elixir thing, a phoenix thing, or what. I don't want to waste anyone's time with my newbie questions.
7 replies