Unexpected results for `detectSubjectType` and `conditionsMatcher` with `PureAbility`
See original GitHub issueDescribe the bug Using a very simply condition to match a class property doesn’t seem to work
To Reproduce Run this code:
import { mongoQueryMatcher, PureAbility, SubjectType } from "@casl/ability";
class Thing {
static readonly modelName = "Thing";
public id: string;
}
const ability = new PureAbility(
[
{
action: "read",
subject: "Thing",
conditions: [{ id: "abc" }]
}
],
{
conditionsMatcher: mongoQueryMatcher,
detectSubjectType: (subject) => {
console.log("getting subject for", subject);
return "Thing" as SubjectType;
}
}
);
const thingInstance = new Thing();
thingInstance.id = "abc";
const output = [
"<br/><b>Thing:</b>",
`can read Thing (class): ${ability.can("read", Thing)}`,
`can read Thing (instance): ${ability.can("read", thingInstance)}`,
`can read Thing (string): ${ability.can("read", "Thing")}`
];
document.body.innerHTML = output.join("<br/>");
The output is:
Thing:
can read Thing (class): false
can read Thing (instance): false
can read Thing (string): true
This is very surprising. I’m providing detectSubjectType
and it’s hardcoded to return "Thing"
no matter what you pass in. I’m also providing the conditionsMatcher (the default mongo one), and my condition is very simple: The id
should match "abc"
. Why do the first two checks return false
?
Expected behavior I would expect the output to be
Thing:
can read Thing (class): true
can read Thing (instance): true
can read Thing (string): true
Interactive example (optional, but highly desirable) https://codesandbox.io/s/casl-example-conditions-and-detectsubjecttype-xp102?file=/src/index.ts
CASL Version
@casl/ability
- v5.2.2
Environment: Node v14.15.4 TS 3.9.5
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (4 by maintainers)
Top Results From Across the Web
stalniy-casl/casl - Gitter
But unfortunately I've got unexpected result: ... On the frontend side, I have used prismaQuery conditions matcher from @casl/prisma package.
Read more >CASL Example: Conditions and detectSubjectType
VS Code's tsserver was deleted by another application such as a misbehaving virus detection tool. Please reinstall VS Code. Manage Extension.
Read more >@casl/ability API - CASL
Returns an array of all registered rules. Ability. Ability extends PureAbility . It sets default values for 2 options: conditionsMatcher into mongoQueryMatcher ...
Read more >Support ecdsa, ed25519, dsa temporary ssh key types
Issue Title Created Date Comment Count Updated...
Support VFS methods with no argument 2 2021‑12‑28 2022‑09‑11
Function in preview mode 3 2022‑01‑07 2022‑05‑07
Heatmaps of the...
Read more >casl - bytemeta
Unexpected results for `detectSubjectType` and `conditionsMatcher` with `PureAbility `. jfahrenkrug. jfahrenkrug CLOSED · Updated 1 year ago ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Indeed, this is missed. I’ll extend docs for detectSubjectType with explanation I gave in this issue.
Thanks 😃
Well, conditions should be an object and not an array.
update PureAbility doesn’t restrict what you can pass as conditions as this is an extension point and if you pass smth in conditions you need to make sure that conditionsMatcher can correctly process it