mirror of
https://github.com/ash-project/ash.git
synced 2024-09-19 13:03:02 +12:00
chore: use a better config name
This commit is contained in:
parent
06cd509e1f
commit
a2cfaa5fe0
5 changed files with 10 additions and 9 deletions
|
@ -29,7 +29,7 @@ if Mix.env() == :test do
|
||||||
Ash.Test.Support.PolicySimple.Domain
|
Ash.Test.Support.PolicySimple.Domain
|
||||||
]
|
]
|
||||||
|
|
||||||
config :ash, :policy, forbid_static_forbidden_reads?: false
|
config :ash, :policy, no_filter_static_forbidden_reads?: false
|
||||||
|
|
||||||
config :ash, :custom_expressions, [Ash.Test.Expressions.JaroDistance]
|
config :ash, :custom_expressions, [Ash.Test.Expressions.JaroDistance]
|
||||||
|
|
||||||
|
|
|
@ -258,7 +258,7 @@ config :ash,
|
||||||
default_page_type: :keyset
|
default_page_type: :keyset
|
||||||
|
|
||||||
config :ash, :policies,
|
config :ash, :policies,
|
||||||
forbid_static_forbidden_reads?: false
|
no_filter_static_forbidden_reads?: false
|
||||||
```
|
```
|
||||||
|
|
||||||
### Try our first resource out
|
### Try our first resource out
|
||||||
|
|
|
@ -1557,14 +1557,15 @@ defmodule Ash.Policy.Authorizer do
|
||||||
end
|
end
|
||||||
|
|
||||||
defp forbidden_due_to_strict_policy?(authorizer) do
|
defp forbidden_due_to_strict_policy?(authorizer) do
|
||||||
forbid_static_forbidden_reads? =
|
no_filter_static_forbidden_reads? =
|
||||||
Keyword.get(
|
Keyword.get(
|
||||||
Application.get_env(:ash, :policy, []),
|
Application.get_env(:ash, :policy, []),
|
||||||
:forbid_static_forbidden_reads?,
|
:no_filter_static_forbidden_reads?,
|
||||||
true
|
true
|
||||||
)
|
)
|
||||||
|
|
||||||
if forbid_static_forbidden_reads? || authorizer.for_fields || authorizer.action.type != :read do
|
if no_filter_static_forbidden_reads? || authorizer.for_fields ||
|
||||||
|
authorizer.action.type != :read do
|
||||||
true
|
true
|
||||||
else
|
else
|
||||||
authorizer.policies
|
authorizer.policies
|
||||||
|
|
|
@ -83,14 +83,14 @@ defmodule Ash.Policy.FilterCheck do
|
||||||
|> filter(authorizer, opts)
|
|> filter(authorizer, opts)
|
||||||
|> Ash.Expr.fill_template(actor, Ash.Policy.FilterCheck.args(authorizer), context)
|
|> Ash.Expr.fill_template(actor, Ash.Policy.FilterCheck.args(authorizer), context)
|
||||||
|> then(fn expr ->
|
|> then(fn expr ->
|
||||||
forbid_static_forbidden_reads? =
|
no_filter_static_forbidden_reads? =
|
||||||
Keyword.get(
|
Keyword.get(
|
||||||
Application.get_env(:ash, :policy, []),
|
Application.get_env(:ash, :policy, []),
|
||||||
:forbid_static_forbidden_reads?,
|
:no_filter_static_forbidden_reads?,
|
||||||
true
|
true
|
||||||
)
|
)
|
||||||
|
|
||||||
if forbid_static_forbidden_reads? || authorizer.for_fields ||
|
if no_filter_static_forbidden_reads? || authorizer.for_fields ||
|
||||||
authorizer.action.type != :read ||
|
authorizer.action.type != :read ||
|
||||||
context[:private][:pre_flight_authorization?] do
|
context[:private][:pre_flight_authorization?] do
|
||||||
try_eval(expr, authorizer)
|
try_eval(expr, authorizer)
|
||||||
|
|
|
@ -68,7 +68,7 @@ defmodule Mix.Tasks.Ash.Install do
|
||||||
|> Igniter.Project.Config.configure(
|
|> Igniter.Project.Config.configure(
|
||||||
"config.exs",
|
"config.exs",
|
||||||
:ash,
|
:ash,
|
||||||
[:policies, :forbid_static_forbidden_reads?],
|
[:policies, :no_filter_static_forbidden_reads?],
|
||||||
false
|
false
|
||||||
)
|
)
|
||||||
|> then(fn igniter ->
|
|> then(fn igniter ->
|
||||||
|
|
Loading…
Reference in a new issue