improvement: allow policy conditions to be applied inside their block

```elixir policy do condition [...] authorize_if ... end ```
2024-09-19 21:13:10 +12:00 · 2024-07-22 07:10:09 -04:00 · 2024-07-22 07:10:09 -04:00 · 34d6f229c5
commit 34d6f229c5
parent 3c2f51224a
4 changed files with 17 additions and 5 deletions
--- a/lib/ash/policy/authorizer/authorizer.ex
+++ b/lib/ash/policy/authorizer/authorizer.ex
@ -178,7 +178,7 @@ defmodule Ash.Policy.Authorizer do
        """
      ]
    ],
-    args: [:condition],
+    args: [{:optional, :condition}],
    target: Ash.Policy.Policy,
    no_depend_modules: [:condition],
    transform: {Ash.Policy.Policy, :transform, []},
@ -274,7 +274,7 @@ defmodule Ash.Policy.Authorizer do
          "A check or list of checks that must be true in order for this field policy to apply. If not specified, it always applies."
      ]
    ],
-    args: [:fields, {:optional, :condition, {Ash.Policy.Check.Static, result: true}}],
+    args: [:fields, {:optional, :condition}],
    target: Ash.Policy.FieldPolicy,
    transform: {Ash.Policy.FieldPolicy, :transform, []},
    entities: [
--- a/lib/ash/policy/field_policy.ex
+++ b/lib/ash/policy/field_policy.ex
@ -16,11 +16,18 @@ defmodule Ash.Policy.FieldPolicy do
    if Enum.empty?(field_policy.policies) do
      {:error, "Field policies must have at least one check."}
    else
+      field_policy =
+        if field_policy.condition in [nil, []] do
+          %{field_policy | condition: [{Ash.Policy.Check.Static, result: true}]}
+        else
+          field_policy
+        end
+
      {:ok,
       %{
         field_policy
         | policies: Enum.map(field_policy.policies, &set_field_policy_opt/1),
-           condition: Enum.map(List.wrap(field_policy.condition || []), &set_field_policy_opt/1)
+           condition: Enum.map(List.wrap(field_policy.condition), &set_field_policy_opt/1)
       }}
    end
  end
--- a/lib/ash/policy/policy.ex
+++ b/lib/ash/policy/policy.ex
@ -55,7 +55,11 @@ defmodule Ash.Policy.Policy do
    if Enum.empty?(policy.policies) do
      {:error, "Policies must have at least one check."}
    else
-      {:ok, policy}
+      if policy.condition in [nil, []] do
+        {:ok, %{policy | condition: [{Ash.Policy.Check.Static, result: true}]}}
+      else
+        {:ok, policy}
+      end
    end
  end

--- a/test/actions/aggregate_test.exs
+++ b/test/actions/aggregate_test.exs
@ -45,7 +45,8 @@ defmodule Ash.Test.Actions.AggregateTest do
    end

    policies do
-      policy always() do
+      policy do
+        condition(always())
        authorize_if expr(public == true)
      end
    end