Consider a resource that has a bunch of actions in it and I’m creating policies for them.
Some actions have some policies checks that are common between them and some are not.
Right now, I would write the policies something like this:
policies do
policy action([:a, :b, :c, ...]) do
# all actions common checks
end
policy action :a do
# specific a checks
end
policy action :b do
# specific b checks
end
policy action [:a, :b] do
# common checks between :a and :b
end
...
end
The issue that I see with this is that as I keep adding more and more policies, it gets harder and harder to read them since I need to find all places some action can match a policy to get the full picture of what policies an action has (and from my experience, that incentivizes the developers to ignore the policies or write wrong/incomplete ones).
A way that I though to mitigate this it to have a explicit policy block per action, that way I just need to check that action policy block and I get the full picture of what its policies checks are.
The obvious problem with this approach is that now I have a bunch of code duplication:
policies do
policy action(:a) do
# common checks
# common checks between :a and :b
# specific :a checks
end
policy action(:b) do
# common checks
# common checks between :a and :b
# specific :b checks
end
policy action(:c) do
...
end
...
end
So, the proposal is a way to help this scenario by allowing the creation of check groups, basically a check group contains a list of checks the same way a policy code block has and a name, then, that check block can be referenced inside any policy block and their checks would be applied to that policy block.
It would work kinda similar to phoenix route pipelines.
So, the above solution with check groups would be something like this:
policies do
check_group :common do
# check 1
# check 2
...
end
check_group :common_a_and_b do
# check 1
# check 2
...
end
policy action(:a) do
check_group :common
check_group :common_a_and_b
# specific :a checks
end
policy action(:b) do
check_group :common
check_group :common_a_and_b
# specific :a checks
end
policy action(:c) do
...
end
...
Of course, if I just have 2~3 actions, then this is more verbose and probably will use more lines, but the idea is that this would help with bigger resources that have a bunch of actions (5~20).
Do you think something like this would be feasible @zachdaniel ?