Dmitry Maganov
ed4655cd83
improvement: add matches
built-in policy check ( #937 )
2024-03-21 08:39:21 -04:00
Zach Daniel
1a99098f52
fix: ensure that policies are applied to aggregates referenced in calculations
2024-02-26 13:00:12 -05:00
Zach Daniel
0e1fe24f46
fix: ensure actor context is set in filter
2024-02-25 08:24:19 -05:00
Zach Daniel
550a9c1424
chore: fix file name
2024-01-30 15:23:04 -05:00
Zach Daniel
9f748b5c55
test: update authorizer tests
...
fix: properly handle the case where all valid scenarios are pruned
2024-01-30 13:11:47 -05:00
Barnabas Jovanovics
406a076ef1
test: add test that shows expr condition does not work with access_type :strict ( #858 )
2024-01-30 12:53:23 -05:00
Barnabas Jovanovics
f2994502b9
add test for selecting policy ( #852 )
2024-01-25 11:08:31 -05:00
Jechol Lee
0d504ec429
test: Remove unnecessary authorize?: false in belongs_to_test ( #849 )
2024-01-25 10:50:37 -05:00
Zach Daniel
bbd866956d
improvement: authorize each related join using join_filters
2024-01-12 00:17:37 -05:00
Zach Daniel
5b82ce293f
fix: authorize aggregate references in calculations
2024-01-10 07:11:02 -05:00
Zach Daniel
a12131cf70
improvement: simplify aggregate loading, remove Ash.Engine
from it
...
improvement: add atomic implementation for builtin `increment` change
improvement: simplify related path authorization, use same tool as aggregates now use
2024-01-08 15:31:09 -05:00
Zach Daniel
ed887413d7
improvement: base case iterative bulk destroy implemented
2023-12-20 21:08:40 -05:00
Zach Daniel
52a62c7c45
chore: fix tests
2023-12-15 15:45:23 -05:00
Zach Daniel
e22c6c7927
fix: ensure actions always raise an error class
2023-12-15 15:33:10 -05:00
Zach Daniel
7298a4b51b
improvement: honor field policies in sort expressions
2023-12-13 15:08:39 -05:00
Jechol Lee
30deb8c32e
test: Remove unnecessary 'authorize?: false' and explicitly specify the filter policy results. ( #798 )
2023-12-07 20:22:46 -05:00
Simon Bergström
b0d5c08f5d
fix: properly include relationship name message when relationship cannot be found ( #770 )
2023-11-13 17:04:35 -05:00
Zach Daniel
a00806eeb0
fix: static checks with conditions could be overly or insufficiently restrictive
2023-09-27 14:40:40 -04:00
Barnabas Jovanovics
a1ad5d5476
add test showing the problem with expressions in field_policy conditions ( #710 )
2023-09-27 18:58:25 +02:00
Barnabas Jovanovics
9e16109950
feat: expose query or changeset to field policies ( #701 )
2023-09-25 11:13:36 -04:00
Zach Daniel
2d9f9ee362
improvement: deprecate old school manual actions
...
note: these have been deprecated for a very long time, removing them will not
be considered a breaking change (and there will be clear compile errors)
2023-09-25 09:40:29 -04:00
James Harton
269889c34b
fix(Ash.Filter): Don't overly constrain related references. ( #678 )
...
We now only apply related policies to filter statements based on references
that are explicitly annotated as inputs. This is the same logic that backs
protecting access in filters for field policies.
2023-08-21 19:39:07 -04:00
Zach Daniel
8e12a14b25
improvement: add field_policy_bypass
...
fix: fix and improve policy breakdown logs
improvement: optimize field selection/loading when possible
2023-07-11 10:28:07 -04:00
Barnabas Jovanovics
c442d83534
test: add test for aggregate field policy ( #644 )
2023-07-10 09:00:55 -04:00
Zach Daniel
be75743b13
fix: properly detect selected attributes for changeset field policies
2023-07-06 10:58:09 -04:00
Barnabas Jovanovics
8837bb0b0d
test: add test case for create action ( #641 )
2023-07-06 10:39:24 -04:00
Mariusz Morawski
5ed2109e33
improvement: Add Negate
validation ( #636 )
...
* Add `Negate` validation
---------
Co-authored-by: Zach Daniel <zachary.s.daniel@gmail.com>
2023-07-05 16:25:51 -04:00
Zach Daniel
51a86cd58d
fix: fix field policy expressions
...
fix: handle various inconsistencies in runtime expression runner
2023-06-22 16:26:03 -04:00
Zach Daniel
c93c4b88f7
chore: fix credo/dialyzer
2023-06-22 14:19:40 -04:00
Zach Daniel
0b6d93c7c4
feat: add field_policies
...
see included documentation for more information on how field policies
work.
2023-06-22 14:00:11 -04:00
Zach Daniel
6320dad188
fix: various fixes to data loading
...
improvement: `Ash.Query.accessing/2` to get a list of fields being accessed
improvement: builting `LoadAttribute` and `LoadRelationship` calculations
2023-06-09 00:16:27 -04:00
Alan Heywood
698cbd1f4c
improvement: Add :field option to relate_actor change ( #546 )
2023-04-02 21:50:32 -04:00
Alan Heywood
6e76a91215
improvement: add :subfield option to relates_to_actor_via ( #540 )
2023-03-29 12:11:23 -04:00
Zach Daniel
b4163127f9
improvement: add accessing_from/2
builtin check
2023-03-29 09:19:49 -04:00
Zach Daniel
c643e9a88f
improvement: add Api.can?
and Api.can
2023-03-08 16:34:44 -05:00
Zach Daniel
005c1bc6c1
fix: allow argument references in policies
2023-02-22 20:12:08 -05:00
Zach Daniel
c962bc7aa7
feat: add this/1
for use inside exists/2
(and other places eventually)
...
fix: various fixes to expression syntax
2023-01-04 12:17:40 -05:00
Barnabas Jovanovics
7689e8e531
fix: respect selects in related_query ( #464 )
2022-12-20 03:12:40 -05:00
Zach Daniel
e403728cf4
fix: properly authorize manage relationship calls
...
improvement: don't run queries with `limit: 0`
2022-11-30 02:18:13 -05:00
Zach Daniel
2f3fcbad13
improvement: optimize various solver boolean optimizations
...
improvement: more comprehensively remove unnecessary clauses
fix: resolve issue with `authorize_unless` and filter checks
improvement: prevent changing attributes and arguments after action validation
We allow for these changes inside of `before_action` calls, but otherwise
require that `force_change_attribute` is used, for example. This prevents
accidentally validating a changeset and then changing an attribute.
2022-11-23 03:39:00 -05:00
Zach Daniel
5e3b71e79b
fix: properly load manual to_one relationships
2022-10-23 22:16:50 -06:00
Zach Daniel
d1f05b6c42
fix: don't attempt to re-authorize access to already retrieved records in Api.load/2
...
improvement: show conditions in policy breakdowns
2022-10-20 13:00:23 -04:00
Frank Dugan III
62805fcce9
improvement: allow passing query or changeset in can/can?/4 ( #410 )
2022-10-10 11:50:13 -04:00
Zach Daniel
0e13456eb0
improvement: optimize relates_to_actor_via checks
2022-09-28 20:37:19 -04:00
Zach Daniel
b12b5e34bb
fix: properly require a condition of a following bypasses
2022-09-28 16:38:32 -04:00
zimt28
33a6438f00
test: Add test for strict_check
with filter policy ( #387 )
2022-09-27 14:43:29 -04:00
Zach Daniel
3b803d4c55
fix: various fixes with complex policy statements
...
improvement: simplify filter statements further
improvement: don't overconstraint filters on related data
test: get started on some more complex policy tests
2022-09-25 13:21:17 -04:00
Zach Daniel
fbcd745401
improvement: properly mark conditions w/ access_type
...
fix: handle statically false conditions in filter logic
2022-09-22 21:03:33 -04:00
Zach Daniel
87f20369bc
improvement: deprecate :replace
in favor of :relate_and_unrelate
2022-09-19 15:44:06 -04:00
Zach Daniel
2ca0f09444
improvement: add loading?/1
query helper
...
improvement: add `loading/1` built in check
2022-09-19 10:14:08 -04:00