Commit graph

36 commits

Author SHA1 Message Date
Zach Daniel
a00806eeb0 fix: static checks with conditions could be overly or insufficiently restrictive 2023-09-27 14:40:40 -04:00
Barnabas Jovanovics
a1ad5d5476
add test showing the problem with expressions in field_policy conditions (#710) 2023-09-27 18:58:25 +02:00
Barnabas Jovanovics
9e16109950
feat: expose query or changeset to field policies (#701) 2023-09-25 11:13:36 -04:00
Zach Daniel
2d9f9ee362 improvement: deprecate old school manual actions
note: these have been deprecated for a very long time, removing them will not
be considered a breaking change (and there will be clear compile errors)
2023-09-25 09:40:29 -04:00
James Harton
269889c34b
fix(Ash.Filter): Don't overly constrain related references. (#678)
We now only apply related policies to filter statements based on references
that are explicitly annotated as inputs.  This is the same logic that backs
protecting access in filters for field policies.
2023-08-21 19:39:07 -04:00
Zach Daniel
8e12a14b25 improvement: add field_policy_bypass
fix: fix and improve policy breakdown logs
improvement: optimize field selection/loading when possible
2023-07-11 10:28:07 -04:00
Barnabas Jovanovics
c442d83534
test: add test for aggregate field policy (#644) 2023-07-10 09:00:55 -04:00
Zach Daniel
be75743b13 fix: properly detect selected attributes for changeset field policies 2023-07-06 10:58:09 -04:00
Barnabas Jovanovics
8837bb0b0d
test: add test case for create action (#641) 2023-07-06 10:39:24 -04:00
Mariusz Morawski
5ed2109e33
improvement: Add Negate validation (#636)
* Add `Negate` validation
---------

Co-authored-by: Zach Daniel <zachary.s.daniel@gmail.com>
2023-07-05 16:25:51 -04:00
Zach Daniel
51a86cd58d fix: fix field policy expressions
fix: handle various inconsistencies in runtime expression runner
2023-06-22 16:26:03 -04:00
Zach Daniel
c93c4b88f7 chore: fix credo/dialyzer 2023-06-22 14:19:40 -04:00
Zach Daniel
0b6d93c7c4 feat: add field_policies
see included documentation for more information on how field policies
work.
2023-06-22 14:00:11 -04:00
Zach Daniel
6320dad188 fix: various fixes to data loading
improvement: `Ash.Query.accessing/2` to get a list of fields being accessed
improvement: builtin `LoadAttribute` and `LoadRelationship` calculations
2023-06-09 00:16:27 -04:00
Alan Heywood
698cbd1f4c
improvement: Add :field option to relate_actor change (#546) 2023-04-02 21:50:32 -04:00
Alan Heywood
6e76a91215
improvement: add :subfield option to relates_to_actor_via (#540) 2023-03-29 12:11:23 -04:00
Zach Daniel
b4163127f9 improvement: add accessing_from/2 builtin check 2023-03-29 09:19:49 -04:00
Zach Daniel
c643e9a88f improvement: add Api.can? and Api.can 2023-03-08 16:34:44 -05:00
Zach Daniel
005c1bc6c1 fix: allow argument references in policies 2023-02-22 20:12:08 -05:00
Zach Daniel
c962bc7aa7 feat: add this/1 for use inside exists/2 (and other places eventually)
fix: various fixes to expression syntax
2023-01-04 12:17:40 -05:00
Barnabas Jovanovics
7689e8e531
fix: respect selects in related_query (#464) 2022-12-20 03:12:40 -05:00
Zach Daniel
e403728cf4 fix: properly authorize manage relationship calls
improvement: don't run queries with `limit: 0`
2022-11-30 02:18:13 -05:00
Zach Daniel
2f3fcbad13 improvement: optimize various solver boolean optimizations
improvement: more comprehensively remove unnecessary clauses
fix: resolve issue with `authorize_unless` and filter checks
improvement: prevent changing attributes and arguments after action validation

We allow for these changes inside of `before_action` calls, but otherwise
require that `force_change_attribute` is used, for example. This prevents
accidentally validating a changeset and then changing an attribute.
2022-11-23 03:39:00 -05:00
Zach Daniel
5e3b71e79b fix: properly load manual to_one relationships 2022-10-23 22:16:50 -06:00
Zach Daniel
d1f05b6c42 fix: don't attempt to re-authorize access to already retrieved records in Api.load/2
improvement: show conditions in policy breakdowns
2022-10-20 13:00:23 -04:00
Frank Dugan III
62805fcce9
improvement: allow passing query or changeset in can/can?/4 (#410) 2022-10-10 11:50:13 -04:00
Zach Daniel
0e13456eb0 improvement: optimize relates_to_actor_via checks 2022-09-28 20:37:19 -04:00
Zach Daniel
b12b5e34bb fix: properly require a condition of a following bypasses 2022-09-28 16:38:32 -04:00
zimt28
33a6438f00
test: Add test for strict_check with filter policy (#387) 2022-09-27 14:43:29 -04:00
Zach Daniel
3b803d4c55 fix: various fixes with complex policy statements
improvement: simplify filter statements further
improvement: don't overconstrain filters on related data
test: get started on some more complex policy tests
2022-09-25 13:21:17 -04:00
Zach Daniel
fbcd745401 improvement: properly mark conditions w/ access_type
fix: handle statically false conditions in filter logic
2022-09-22 21:03:33 -04:00
Zach Daniel
87f20369bc improvement: deprecate :replace in favor of :relate_and_unrelate 2022-09-19 15:44:06 -04:00
Zach Daniel
2ca0f09444 improvement: add loading?/1 query helper
improvement: add `loading/1` built in check
2022-09-19 10:14:08 -04:00
zimt28
ed44036400
Improve module names (#357) 2022-07-21 10:19:47 -04:00
Frank Dugan III
3776af9f85
feat: add can?/4 policy utility (#349)
* feat: add can?/4 policy utility

* refactor: change defaults and add can/4

* refactor: add typespecs, rename test
2022-07-14 10:05:51 -04:00
Zach Daniel
b3e0632792 improvement: move ash_policy_authorizer into core as Ash.Policy.Authorizer 2022-05-17 15:56:40 -04:00