From 5d82769d2de69eedaa521384e15363a1ae1148e5 Mon Sep 17 00:00:00 2001 From: Moritz Date: Tue, 27 Jan 2026 15:44:38 +0100 Subject: [PATCH] CustomFieldValueCreateScope: use get_argument_or_attribute for member_id - Read member_id via Ash.Changeset.get_argument_or_attribute/2 so it works when set as attribute or argument - Remove unused require Logger - Document member_id source in moduledoc --- .../checks/custom_field_value_create_scope.ex | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/lib/mv/authorization/checks/custom_field_value_create_scope.ex b/lib/mv/authorization/checks/custom_field_value_create_scope.ex index f5be53d..0b24e74 100644 --- a/lib/mv/authorization/checks/custom_field_value_create_scope.ex +++ b/lib/mv/authorization/checks/custom_field_value_create_scope.ex @@ -8,6 +8,14 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do (PermissionSets + :linked/:all) but only implements strict_check, so it never adds a filter. + ## member_id source + + The check reads `member_id` from the create changeset via + `Ash.Changeset.get_argument_or_attribute/2`, so it works when member_id + is set as an attribute or as an action argument. The CustomFieldValue + resource's default create action must accept and require `member_id` + (e.g. via `default_accept [:value, :member_id, :custom_field_id]`). + Used in CustomFieldValue policies: policy action_type(:create) do authorize_if Mv.Authorization.Checks.CustomFieldValueCreateScope @@ -15,7 +23,6 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do """ use Ash.Policy.Check alias Mv.Authorization.PermissionSets - require Logger @impl true def describe(_opts), @@ -53,8 +60,8 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do defp get_create_member_id(authorizer) do changeset = authorizer.changeset || authorizer.subject - if changeset && function_exported?(Ash.Changeset, :get_attribute, 2) do - Ash.Changeset.get_attribute(changeset, :member_id) + if changeset && function_exported?(Ash.Changeset, :get_argument_or_attribute, 2) do + Ash.Changeset.get_argument_or_attribute(changeset, :member_id) else nil end