mirror of
https://github.com/ash-project/ash.git
synced 2024-09-21 05:53:06 +12:00
4adddcdd69
This reverts commit ffa37d0c95
.
79 lines
2 KiB
Elixir
79 lines
2 KiB
Elixir
defmodule Ash.Test.Support.PolicySimple.Post do
|
|
@moduledoc false
|
|
use Ash.Resource,
|
|
domain: Ash.Test.Support.PolicySimple.Domain,
|
|
data_layer: Ash.DataLayer.Ets,
|
|
authorizers: [
|
|
Ash.Policy.Authorizer
|
|
]
|
|
|
|
policies do
|
|
policy action_type(:read) do
|
|
description "You can read a post if you created it or if you own the organization"
|
|
authorize_if(expr(author.id == ^actor(:id)))
|
|
authorize_if(expr(organization.owner_id == ^actor(:id)))
|
|
end
|
|
|
|
policy action_type(:create) do
|
|
description "Admins and managers can create posts"
|
|
authorize_if(actor_attribute_equals(:admin, true))
|
|
authorize_if(actor_attribute_equals(:manager, true))
|
|
end
|
|
|
|
policy action(:say_hello) do
|
|
authorize_if expr(^actor(:admin) == true)
|
|
forbid_if expr(^arg(:from_an_admin?))
|
|
authorize_if always()
|
|
end
|
|
end
|
|
|
|
ets do
|
|
private?(true)
|
|
end
|
|
|
|
attributes do
|
|
uuid_primary_key(:id)
|
|
|
|
attribute :text, :string do
|
|
public?(true)
|
|
allow_nil?(false)
|
|
end
|
|
end
|
|
|
|
actions do
|
|
default_accept :*
|
|
defaults [:read, :destroy, update: :*]
|
|
|
|
create :create do
|
|
primary? true
|
|
argument :author, :uuid
|
|
change manage_relationship(:author, type: :append_and_remove)
|
|
|
|
argument :organization, :uuid
|
|
change manage_relationship(:organization, type: :append_and_remove)
|
|
end
|
|
|
|
action :say_hello, :string do
|
|
argument :to, :string, allow_nil?: false
|
|
argument :from_an_admin?, :boolean, allow_nil?: false, default: false
|
|
|
|
run fn input, _ ->
|
|
if input.arguments.from_an_admin? do
|
|
{:ok, "Hello #{input.arguments.to} from an admin!"}
|
|
else
|
|
{:ok, "Hello #{input.arguments.to} from an admin!"}
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
relationships do
|
|
belongs_to :organization, Ash.Test.Support.PolicySimple.Organization do
|
|
public?(true)
|
|
end
|
|
|
|
belongs_to :author, Ash.Test.Support.PolicySimple.User do
|
|
public?(true)
|
|
end
|
|
end
|
|
end
|