simonelnahas
Ash Policy not denying `forbid_if always() for Manual Read Action
Does anyone know if Manual Read actions are incompatible with policies.
I can’t get this policy to deny anything
test "" do
# Arrange
...
# Act & Assert
# via Query.for_read
assert {:error, _} =
MyApp.ManualUser
|> Ash.Query.for_read(:get_manual_user, %{id: id}, actor: user |> build_actor(), authorize?: true)
|> Ash.read()
end
defmodule MyApp.ManualUser do
use Ash.Resource,
domain: MyApp.Core,
authorizers: [Ash.Policy.Authorizer]
attributes do
uuid_primary_key :id
attribute :user_number, :string, public?: true
end
actions do
read :get_user_number do
primary? true
argument :id, :string, allow_nil?: false
manual Ht.Actions.GetUserNumber
end
end
policies do
policy always() do
forbid_if always()
end
end
end
Marked As Solved
zachdaniel
Creator of Ash
The problem is that for read actions the default behavior of queries is to add a filter to the query
Your manual read action is likely ignoring the provided query, which is how the policies are being applied.
The default access_type of a policy is :filter which allows it to be applied this way. You could change your policy’s access_type to :strict
policies do
policy always() do
access_type :strict
forbid_if always()
end
end
1
Popular in Questions
If I have a post route which an argument:
post /my_post_route/:my_param1, MyController.my_post_handler
How would get the post params ...
New
I have a phoenix application from which a user can download multiple(5-6) files of size 1MB. I couldn’t find anything related to sending ...
New
ExUnit now has describe blocks which is a welcome addition coming from RSpec. In the docs, it states that nested hierarchies of describe ...
New
Forgive me if this is obvious, but how does one delete a database record WITHOUT selecting it first? Ecto.Repo — Ecto v3.14.0 has exampl...
New
lets say i have a sample like
a = 20; b = 10;
if (a > b) do
{:ok, "a"}
end
if (a < b) do
{:ok, b}
end
if (a == b) do
{:ok, "equa...
New
Hi!
In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir?
Searched the docs for ip address and the web, no good results.
Thanks!
New
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar.
I p...
New
I have a super simple question about elixir - how would I take a file like this
foo
bar
baz
and output a new file that enumerates th...
New
What is the proper way to load a module from a file in to IEX?
In the python world, doing something like this pretty standard:
from ....
New
Okay, I’m having a heck of a time trying to figure out how to best handle the validation of belongs_to associations in Ecto. I’m sure I’...
New
Other popular topics
Hello!
tl;dr Announcing Oban, an Ecto based job processing library with a focus on reliability and historical observability.
After spen...
New
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
New
Surface is an experimental library built on top of Phoenix LiveView and its new LiveComponent API that aims to provide a more declarative...
New
Hello everybody,
usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this:
...
New
lets say i have a sample like
a = 20; b = 10;
if (a > b) do
{:ok, "a"}
end
if (a < b) do
{:ok, b}
end
if (a == b) do
{:ok, "equa...
New
Elixir plugin for JetBrain’s IntelliJ Platform (including Rubymine)
This is a plugin that adds support for Elixir to JetBrains IntelliJ...
New
i’m a new one to elixir
which editor can i use
vs code? or atom?
Thanks! :smiley:
New
Hi!
Currently I want to submit a form by pressing the Enter key. However, since my input field is of type “textarea” this is just adds a...
New
Hi everyone!
I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New









