local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions

CustomFieldValueCreateScope: use get_argument_or_attribute for member_id

Browse source 
- Read member_id via Ash.Changeset.get_argument_or_attribute/2 so it works
  when set as attribute or argument
- Remove unused require Logger
- Document member_id source in moduledoc
This commit is contained in:
Moritz 2026-01-27 15:44:38 +01:00 committed by moritz
parent 9e6c79bf40
commit 7153af23ee
1 changed files with 10 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lib/mv/authorization/checks/custom_field_value_create_scope.ex
View file

@ -8,6 +8,14 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do
(PermissionSets + :linked/:all) but only implements strict_check, so it
never adds a filter.
## member_id source
The check reads `member_id` from the create changeset via
`Ash.Changeset.get_argument_or_attribute/2`, so it works when member_id
is set as an attribute or as an action argument. The CustomFieldValue
resource's default create action must accept and require `member_id`
(e.g. via `default_accept [:value, :member_id, :custom_field_id]`).
Used in CustomFieldValue policies:
policy action_type(:create) do
authorize_if Mv.Authorization.Checks.CustomFieldValueCreateScope
@ -15,7 +23,6 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do
"""
use Ash.Policy.Check
alias Mv.Authorization.PermissionSets
require Logger
@impl true
def describe(_opts),
@ -53,8 +60,8 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do
defp get_create_member_id(authorizer) do
changeset = authorizer.changeset || authorizer.subject
if changeset && function_exported?(Ash.Changeset, :get_attribute, 2) do
Ash.Changeset.get_attribute(changeset, :member_id)
if changeset && function_exported?(Ash.Changeset, :get_argument_or_attribute, 2) do
Ash.Changeset.get_argument_or_attribute(changeset, :member_id)
else
nil
end