ash-project/ash
1
0
Fork 0
mirror of https://github.com/ash-project/ash.git synced 2024-09-20 05:23:03 +12:00
Code Issues Projects Releases Packages Wiki Activity
ash/test/policy/strict_condition_test.exs

51 lines
1.1 KiB
Elixir
Raw Blame History

defmodule Ash.Test.Policy.StrictConditionTest do
use ExUnit.Case, async: true
alias Ash.Test.Domain, as: Domain
defmodule Resource do
@moduledoc false
use Ash.Resource,
domain: Domain,
data_layer: Ash.DataLayer.Ets,
authorizers: [Ash.Policy.Authorizer]
ets do
private?(true)
end
actions do
default_accept :*
defaults([:read, :destroy, create: :*, update: :*])
end
attributes do
uuid_primary_key :id
attribute :visible, :boolean, allow_nil?: false, public?: true
end
policies do
default_access_type :strict
policy [action(:read), expr(visible == true)] do
authorize_if always()
end
end
end
test "condition in filter policy is evaluated" do
Resource
|> Ash.Changeset.for_create(:create, %{visible: true}, authorize?: false)
|> Ash.create!()
Resource
|> Ash.Changeset.for_create(:create, %{visible: false}, authorize?: false)
|> Ash.create!()
assert_raise Ash.Error.Forbidden, fn ->
Resource
|> Ash.Query.for_read(:read, %{}, actor: %{id: "foo"})
|> Ash.read!()
end
end
end
Reference in a new issue View git blame Copy permalink