ash_policy_authorizer v0.11.0 AshPolicyAuthorizer.Authorizer.Policy.Policies.AuthorizeUnless View Source
Link to this section Summary
Functions
If the check is false, the request is authorized, otherwise run remaining checks.
Link to this section Functions
If the check is false, the request is authorized, otherwise run remaining checks.
Examples
authorize_unless not_logged_in()
authorize_unless actor_attribute_matches_record(:group, :blacklisted_groups)
Arguments
:check
- A check is a tuple of{module, keyword}
.
The module must implement the AshPolicyAuthorizer.Check
behaviour.
Generally, you won't be passing {module, opts}
, but will use one
of the provided functions that return that, like always()
or
actor_attribute_matches_record(:foo, :bar)
. To make custom ones
define a module that implements the AshPolicyAuthorizer.Check
behaviour,
put a convenience function in that module that returns {module, opts}, and
import that into your resource.
defmodule MyResource do
use Ash.Resource, authorizers: [AshPolicyAuthorizer.Authorizer]
import MyCustomCheck
policies do
...
policy do
authorize_if my_custom_check(:foo)
end
end
end
Options
:name
- false A short name or description for the check, used when explaining authorization results