Is your feature request related to a problem? Please describe.
Currently if you query a resrouce with an interal function, e.g. Ash.read you would be able to see private fields, even if you have added field policies.
attributes do
attribute :private_field, :string
attribute :admin_only_field, :string
end
field_policies do
field_policy :admin_only_field do
authorize_if actor_attribute_equals(:is_admin, true)
end
end
Describe the solution you'd like
There should therefore be a way to hide private fields, if field policies apply:
attributes do
attribute :private_field, :string
attribute :admin_only_field, :string
end
field_policies do
hide_private? true
field_policy :admin_only_field do
authorize_if actor_attribute_equals(:is_admin, true)
end
end
Thanks for the proposal! This should be relatively straightforward, as we apply field policies essentially in one place per action type. The global flag also sounds reasonable. PRs welcome!
Is your feature request related to a problem? Please describe. Currently if you query a resrouce with an interal function, e.g.
Ash.read
you would be able to see private fields, even if you have added field policies.Describe the solution you'd like There should therefore be a way to hide private fields, if field policies apply:
A global flag, would also be good, so you don't forget to add the field to each field policy:
Additional context Helpful conversation on the topic on Elixir forum