mirror of
https://github.com/ash-project/ash.git
synced 2024-09-20 13:33:20 +12:00
5967ed3a48
* improvement!: use `%Ash.NotSelected{}` for unselected values
* improvement!: default `require_atomic?` to `true`
* improvement!: raise errors on unknown generic action arguments
* improvement!: default bulk strategy to `:atomic`
* improvement!: warnings on `require_atomic?` `true` actions
improvement!: revise `Ash.NotSelected` to `Ash.NotLoaded`
improvement!: errors on unknown action inputs across the board
* doc: clarify wording in notifiers.md
closes #889
* improvement!: default `api.authorization.authorize` to `:by_default`
* improvement!: require the api when constructing changesets
this commit also fixes some work from prior commits around
the default value for the `authorize` option
* improvement!: code_interface.define_for -> code_interface.api
`code_interface.define_for` is now `code_interface.api`. Additionally, it is set automatically if the `api` option is specified on `use Ash.Resource`.
* improvement!: remove registries
* improvement!: pubsub notifier default to `previous_values?: false`
improvement!: requires_original_data? callback defaults to false
* improvement!: rename Ash.Calculation -> Ash.Resource.Calculation
improvement!: improve `Ash.Query.Calculation.new` signature
improvement!: anonymous function calculations now take lists and return lists
improvement!: make callback contexts into structs
improvement!: pass context to builtin lifecycle hook changes
improvement!: calculation arguments are now in the `arguments` key of the context
* chore: fix build
* improvement!: remove `aggregates` and `calculations` from `Filter.parse` and `Filter.parse_input`
* improvement: update spark to 2.0
* improvement!: make picosat_elixir optional with `simple_sat`
* improvement!: rename api to domain
* docs: add more info to upgrading guide
* docs: tweak docs formatting
* improvement!: remove `Ash.Changeset.new!`
* docs: update docs for `Ash.Changeset.new/1`
* improvement!: deprecate `private?: false` in favor of `public?: true`
* doc: add upgrade guide for private -> public
* improvement: update reactor to 3.0
* improvement!: default `default_accept` is now `[]`
* improvement!: `Ash.CiString.new/1` returns `nil` on `nil` input
* improvement!(Ash.Reactor): Improve integration with Ash 3.0 changes.
* improvement!: clean up and reorganize `Ash` functions
this is in preparation of deprecating the functions that are defined
on the api
improvement!: remove context-based functionality
* chore: update docs references from `Ash.Domain` to `Ash`
* chore: fix bad merge
* chore: fix context access in atomic changes
* improvement!: Deprecate calling functions on (domain) api in favor of `Ash`
* improvement!: add `attribute_public?` and update `attribute_writable?` behavior
* improvement!: update atomic behaviors, default to invalid
* chore: update downcase docs
* improvement!: changeset.filters -> changeset.filter
* improvement!: remove deprecated functions
* improvement!: remove and simplify `Ash.Filter.TemplateHelpers`
* improvement: import Ash.Expr in modules where it is used
improvement: require Ash.QUery in modules where it makes sense
* fix!: keyword lists are no longer special cased in ash expressions
* improvement: add structs for more context implementations
* chore: small tweaks, finish `:all` -> `:*` conversion
* chore: update DSL docs for multitenancy.global?
* improvement: ensure selects are applied on destroys
chore: remove TODOs
* chore: some docs changes
* improvement!: introduce strict mode to calculations
* chore: update tests
* improvement: support custom expressions
* docs: document custom expressions
* chore: fix and test custom expressions and function fragments
docs: update relevant docs w/ the changes
* improvement!: reverse order of before action & before transaction hooks
* improvement!: default read actions are now paginatable
* improvement!: require explicit accept lists in default actions
* chore: update docs
* improvement!: remove Ash.Flow and Ash.Engine
* chore: unlock unused deps
* chore: don't use unused variable
* chore: include ash flow change in upgrade guide
* improvement!: standardize various exception keys and names
* improvement!: use `Splode` for errors
* improvement: update upgrade guide to include Splode
* feat: code interface on the domain
* improvement: only require primary key if resource has actions or fields
improvement: only build schema if resource has actions or fields
improvement: verify primary key in its own verifier
* improvement: add `resource/1` builtin check
* improvement!: move simple_notifiers to an option instead of a DSL builder
improvement!: update spark for better autocomplete, configure autocomplete for key functions
docs: replace `an domain` with `a domain`
* improvement: better code interface documentation
* fix: set tenant on query so that root calles to Api.aggreagte work as expected (#929)
* chore: fixes from previous improvements
* chore: update splode
* chore: update splode
* improvement!: swap position of sort order and arguments in calculation sorting
* improvement!: add `include_nil?` aggregate option, and default it to `false`
* improvement: support notifiers within actions
* improvement: support specifying multiple filters
* improvement: add `sortable?` flags to all fields
improvement: support multiple filters on relationships
* improvement: support sensitive? on calculations and arguments
* improvement: validate resources in inputs to code interface
* chore: don't require explicit accept lists when using `default_accept :*`
* chore: update spark
* chore: update public attribute handling per 3.0
* improvement: update reactor and tests
* chore: better error message
* chore: fix rebase issue
* chore: handle merge issues
improvement: don't require domain on relationships if destination has domain
* improvement!: errors on unknown inputs for calculations
* improvement: always choose to cast atomic
* improvement: support casting some embeds atomically
* improvement: various 3.0 updates, documented in upgrade.md
* chore: Add failing tests for loads with with explicit domains. (#948)
Co-authored-by: James Harton <james@harton.nz>
* improvement: ensure non-static dynamic domains works
* improvement: add Ash.ToTenant protocol
* chore: add docs for no ToTenant option
* fix: properly construct new query in `build/3`
* chore: update simple_sat dependency
* chore: don't reselect when missing primary keys
* chore: remove IO.inspect
* chore: update spark
* chore: update spark
* improvement: use `Keyword.put_new` in `Ash.Context.to_opts` (#953)
* improvement: support bulk and atomic operations in code interfaces
---------
Co-authored-by: James Harton <james@harton.nz>
Co-authored-by: WIGGLES <55168935+WIGGLES-dev@users.noreply.github.com>
Co-authored-by: Dmitry Maganov <vonagam@gmail.com>
315 lines
11 KiB
Elixir
315 lines
11 KiB
Elixir
defmodule Ash.Test.Policy.FieldPolicyTest do
|
|
@doc false
|
|
use ExUnit.Case
|
|
|
|
require Ash.Query
|
|
|
|
alias Ash.Test.Support.PolicyField.{Ticket, User}
|
|
|
|
setup do
|
|
rep =
|
|
Ash.create!(Ash.Changeset.for_create(User, :create, %{role: :representative, points: 4}),
|
|
authorize?: false
|
|
)
|
|
|
|
user =
|
|
Ash.create!(Ash.Changeset.for_create(User, :create, %{role: :user, points: 3}),
|
|
authorize?: false
|
|
)
|
|
|
|
admin =
|
|
Ash.create!(Ash.Changeset.for_create(User, :create, %{role: :admin, points: 2}),
|
|
authorize?: false
|
|
)
|
|
|
|
other_user =
|
|
Ash.create!(Ash.Changeset.for_create(User, :create, %{role: :user, points: 1}),
|
|
authorize?: false
|
|
)
|
|
|
|
[
|
|
user: user,
|
|
admin: admin,
|
|
representative: rep,
|
|
ticket:
|
|
Ash.create!(
|
|
Ash.Changeset.for_create(Ticket, :create, %{
|
|
representative_id: rep.id,
|
|
reporter_id: user.id
|
|
})
|
|
),
|
|
other_ticket:
|
|
Ash.create!(
|
|
Ash.Changeset.for_create(Ticket, :create, %{
|
|
representative_id: rep.id,
|
|
reporter_id: other_user.id
|
|
})
|
|
)
|
|
]
|
|
end
|
|
|
|
describe "introspection" do
|
|
test "introspection returns field policies" do
|
|
assert [
|
|
%Ash.Policy.FieldPolicy{bypass?: true},
|
|
%Ash.Policy.FieldPolicy{bypass?: false},
|
|
%Ash.Policy.FieldPolicy{bypass?: false},
|
|
%Ash.Policy.FieldPolicy{bypass?: false},
|
|
%Ash.Policy.FieldPolicy{bypass?: false}
|
|
] =
|
|
Ash.Policy.Info.field_policies(User)
|
|
end
|
|
end
|
|
|
|
describe "rendering fields" do
|
|
test "when creating as a user that cannot see the field, its value is not displayed", %{
|
|
representative: rep,
|
|
user: user
|
|
} do
|
|
assert %Ash.ForbiddenField{field: :internal_status, type: :attribute} ==
|
|
Ticket
|
|
|> Ash.Changeset.for_create(
|
|
:create,
|
|
%{representative_id: rep.id, reporter_id: user.id, internal_status: :new},
|
|
authorize?: true,
|
|
actor: user
|
|
)
|
|
|> Ash.create!(authorize?: true, actor: user)
|
|
|> Map.get(:internal_status)
|
|
end
|
|
|
|
test "when destroying as a user that cannot see the field, its value is not displayed", %{
|
|
representative: rep,
|
|
user: user
|
|
} do
|
|
assert %Ash.ForbiddenField{field: :internal_status, type: :attribute} ==
|
|
Ticket
|
|
|> Ash.Changeset.for_create(
|
|
:create,
|
|
%{representative_id: rep.id, reporter_id: user.id, internal_status: :new},
|
|
authorize?: true,
|
|
actor: user
|
|
)
|
|
|> Ash.create!(authorize?: false)
|
|
|> Ash.destroy!(authorize?: true, actor: user, return_destroyed?: true)
|
|
|> Map.get(:internal_status)
|
|
end
|
|
|
|
test "when reading as a user that can see the field, its value is displayed", %{
|
|
representative: representative
|
|
} do
|
|
assert :representative ==
|
|
User
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter(id == ^representative.id)
|
|
|> Ash.read_one!(authorize?: true, actor: representative)
|
|
|> Map.get(:role)
|
|
end
|
|
|
|
test "bypasses take priority over subsequent policies", %{
|
|
representative: representative,
|
|
admin: admin
|
|
} do
|
|
assert :representative ==
|
|
User
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: admin)
|
|
|> Ash.Query.filter(id == ^representative.id)
|
|
|> Ash.read_one!(authorize?: true, actor: admin)
|
|
|> Map.get(:role)
|
|
end
|
|
|
|
test "can load a resource with a forbidden aggregate", %{
|
|
representative: representative
|
|
} do
|
|
assert %Ash.ForbiddenField{field: :ticket_count, type: :aggregate} ==
|
|
User
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter(id == ^representative.id)
|
|
|> Ash.Query.load([:ticket_count])
|
|
|> Ash.read_one!(authorize?: true, actor: representative)
|
|
|> Map.get(:ticket_count)
|
|
end
|
|
|
|
test "when reading as a user that cant see the field, its value is not displayed", %{
|
|
representative: representative,
|
|
user: user
|
|
} do
|
|
assert %Ash.ForbiddenField{field: :role, type: :attribute} ==
|
|
User
|
|
|> Ash.Query.for_read(:read, %{})
|
|
|> Ash.Query.filter(id == ^representative.id)
|
|
|> Ash.read_one!(authorize?: true, actor: user)
|
|
|> Map.get(:role)
|
|
end
|
|
|
|
test "when loading as a user that cant see the field, its value is not displayed", %{
|
|
representative: representative,
|
|
user: user
|
|
} do
|
|
assert %Ash.ForbiddenField{field: :role, type: :attribute} ==
|
|
User
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter(id == ^representative.id)
|
|
|> Ash.read_one!(authorize?: true, actor: user)
|
|
|> Ash.load!(:role, authorize?: true)
|
|
|> Map.get(:role)
|
|
end
|
|
|
|
test "when reading as a user that cant see the field with a `relates_to_actor_via` check, the value is not displayed",
|
|
%{
|
|
user: user,
|
|
ticket: ticket,
|
|
other_ticket: other_ticket
|
|
} do
|
|
assert nil ==
|
|
Ticket
|
|
|> Ash.Query.select(:status)
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.Query.filter(id == ^ticket.id)
|
|
|> Ash.read_one!()
|
|
|> Map.get(:status)
|
|
|
|
assert %Ash.ForbiddenField{} =
|
|
Ticket
|
|
|> Ash.Query.select(:status)
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.Query.filter(id == ^other_ticket.id)
|
|
|> Ash.read_one!()
|
|
|> Map.get(:status)
|
|
end
|
|
|
|
test "reading is allowed through a relationship",
|
|
%{representative: representative} do
|
|
# someone who is allowed because it's accessed through the ticket
|
|
assert [ticket] =
|
|
Ticket
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter(reporter.ticket_count > 0)
|
|
|> Ash.Query.load(reporter: [:ticket_count])
|
|
|> Ash.Query.limit(1)
|
|
|> Ash.read!(authorize?: true)
|
|
|
|
assert is_number(ticket.reporter.ticket_count)
|
|
assert ticket.reporter.ticket_count > 0
|
|
|
|
# can't read the value when reading the resource directly
|
|
assert [user] =
|
|
User
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.load([:ticket_count])
|
|
|> Ash.Query.limit(1)
|
|
|> Ash.read!(authorize?: true)
|
|
|
|
assert user.ticket_count == %Ash.ForbiddenField{
|
|
field: :ticket_count,
|
|
type: :aggregate
|
|
}
|
|
end
|
|
|
|
test "reading is allowed through a multi level relationship",
|
|
%{user: user} do
|
|
assert [ticket] =
|
|
Ticket
|
|
|> Ash.Query.select([:internal_status])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.Query.filter(reporter_id == ^user.id)
|
|
|> Ash.Query.load(reporter: [:tickets])
|
|
|> Ash.read!(authorize?: true)
|
|
|
|
assert ticket.internal_status == %Ash.ForbiddenField{
|
|
field: :internal_status,
|
|
type: :attribute
|
|
}
|
|
|
|
nested_ticket = ticket.reporter.tickets |> List.first()
|
|
|
|
assert nested_ticket.internal_status == nil
|
|
end
|
|
end
|
|
|
|
describe "filters" do
|
|
test "filters are replaced with the appropriate field policies", %{
|
|
representative: representative,
|
|
user: user
|
|
} do
|
|
assert [] =
|
|
User
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.Query.filter_input(role: :representative)
|
|
|> Ash.read!(authorize?: true)
|
|
|
|
assert [_] =
|
|
User
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter_input(role: :representative)
|
|
|> Ash.read!(authorize?: true)
|
|
end
|
|
|
|
test "it's possible to filter on values that are only allowed to be accessed from a parent",
|
|
%{
|
|
representative: representative,
|
|
user: user
|
|
} do
|
|
# someone who is allowed because it's accessed through the ticket
|
|
|
|
assert [ticket] =
|
|
Ticket
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: representative)
|
|
|> Ash.Query.filter(reporter.ticket_count > 0)
|
|
|> Ash.Query.load(reporter: [:ticket_count])
|
|
|> Ash.Query.limit(1)
|
|
|> Ash.read!()
|
|
|
|
assert is_number(ticket.reporter.ticket_count)
|
|
assert ticket.reporter.ticket_count > 0
|
|
|
|
# someone who isn't allowed to see the field
|
|
assert [ticket] =
|
|
Ticket
|
|
|> Ash.Query.select([])
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.Query.filter(reporter.ticket_count > 0)
|
|
|> Ash.Query.load(reporter: [:ticket_count])
|
|
|> Ash.Query.limit(1)
|
|
|> Ash.read!(authorize?: true)
|
|
|
|
assert ticket.reporter.ticket_count == %Ash.ForbiddenField{
|
|
field: :ticket_count,
|
|
type: :aggregate
|
|
}
|
|
end
|
|
end
|
|
|
|
describe "sorts" do
|
|
test "sorts are replaced with the appropriate field policies", %{
|
|
user: %{id: user_id} = user
|
|
} do
|
|
assert [%{id: ^user_id} | _] =
|
|
User
|
|
|> Ash.Query.select([:points])
|
|
|> Ash.Query.sort_input(points: :asc_nils_last)
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.read!()
|
|
|
|
assert [_, _, _, %{id: ^user_id}] =
|
|
User
|
|
|> Ash.Query.select([:points])
|
|
|> Ash.Query.sort_input(points: :asc_nils_first)
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.read!()
|
|
|
|
assert [_, _, %{id: ^user_id}, _] =
|
|
User
|
|
|> Ash.Query.select([:points])
|
|
|> Ash.Query.sort(points: :asc_nils_first)
|
|
|> Ash.Query.for_read(:read, %{}, authorize?: true, actor: user)
|
|
|> Ash.read!()
|
|
end
|
|
end
|
|
end
|