Print abort message as part of predicate function

Mike · February 9, 2024, 4:56pm

In the case of more complex predicate functions, including abort/error messages would be helpful to help the consuming developers debug more easily.

e.g.

privileges: [{
    resource: "Collection",
    actions: {
          write: `(originalDoc, newDoc) => {
  if(originalDoc.owner != newDoc.owner) {
    abort({
      code: "insufficient_permission",
      message: "Insufficient Permission. Only the Owner is allowed to change the owner."

    })
  }
  
  if(originalDoc.access != newDoc.access) {
    if(originalDoc.access.any(
        (.entity == Query.identity() || .entity == Query.identity().activeOrganization)
        && .action == "UNRESTRICTED"
      ) 
    ) {
      true
    } else {
      abort({
        code: "insufficient_permission",
        message: "Insufficient Permission. Only the Owner is allowed to change the owner."
      })
    }
  }
  
  doc.access.any(
    (.entity == Query.identity() || .entity == Query.identity().activeOrganization)
    && .action == "WRITE"
  )
}
`
      }
    }

Somehow related to Detailed error message for “insufficient privileges” in dev mode, but more focused in the direction to print custom error codes/messages

Topic		Replies	Views
Abort message as part of role privilege predicate possible? Help authorization	4	94	February 11, 2024
Permission denied when predicate set for collection, but works when boolean true Help fql , authentication	5	1302	May 4, 2021
ABAC lambda functions hard to debug when using GraphQL - permissions error Help graphql	5	785	July 22, 2020
Debug best practices for ABAC functions in GraphQL? Help graphql , fql , best-practices	3	477	January 17, 2023
Running UDF in ABAC Predicate results in Permission Denied Help authentication , abac , logging	7	416	December 23, 2021

Print abort message as part of predicate function

Related Topics