mirror of
https://github.com/ash-project/ash.git
synced 2024-09-20 13:33:20 +12:00
53 lines
1.2 KiB
Elixir
53 lines
1.2 KiB
Elixir
|
defmodule Ash.Policy.Test.Simple.Post do
|
||
|
@moduledoc false
|
||
|
use Ash.Resource,
|
||
|
data_layer: Ash.DataLayer.Ets,
|
||
|
authorizers: [
|
||
|
Ash.Policy.Authorizer
|
||
|
]
|
||
|
|
||
|
policies do
|
||
|
policy action_type(:read) do
|
||
|
description "You can read a post if you created it or if you own the organization"
|
||
|
authorize_if(expr(author.id == ^actor(:id)))
|
||
|
authorize_if(expr(organization.owner_id == ^actor(:id)))
|
||
|
end
|
||
|
|
||
|
policy action_type(:create) do
|
||
|
description "Admins and managers can create posts"
|
||
|
authorize_if(actor_attribute_equals(:admin, true))
|
||
|
authorize_if(actor_attribute_equals(:manager, true))
|
||
|
end
|
||
|
end
|
||
|
|
||
|
ets do
|
||
|
private?(true)
|
||
|
end
|
||
|
|
||
|
attributes do
|
||
|
uuid_primary_key(:id)
|
||
|
|
||
|
attribute :text, :string do
|
||
|
allow_nil?(false)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
actions do
|
||
|
defaults [:read, :update, :destroy]
|
||
|
|
||
|
create :create do
|
||
|
primary? true
|
||
|
argument(:author, :uuid)
|
||
|
change(manage_relationship(:author, type: :replace))
|
||
|
|
||
|
argument(:organization, :uuid)
|
||
|
change(manage_relationship(:organization, type: :replace))
|
||
|
end
|
||
|
end
|
||
|
|
||
|
relationships do
|
||
|
belongs_to(:organization, Ash.Policy.Test.Simple.Organization)
|
||
|
belongs_to(:author, Ash.Policy.Test.Simple.User)
|
||
|
end
|
||
|
end
|