Unexpected results for `detectSubjectType` and `conditionsMatcher` with `PureAbility`

Describe the bug: Using a very simple condition to match a class property doesn’t seem to work.

To Reproduce: Run this code:

import { mongoQueryMatcher, PureAbility, SubjectType } from "@casl/ability";

class Thing {
  static readonly modelName = "Thing";

  public id: string;
}

const ability = new PureAbility(
  [
    {
      action: "read",
      subject: "Thing",
      conditions: [{ id: "abc" }]
    }
  ],
  {
    conditionsMatcher: mongoQueryMatcher,
    detectSubjectType: (subject) => {
      console.log("getting subject for", subject);
      return "Thing" as SubjectType;
    }
  }
);

const thingInstance = new Thing();
thingInstance.id = "abc";

const output = [
  "<br/><b>Thing:</b>",
  `can read Thing (class): ${ability.can("read", Thing)}`,
  `can read Thing (instance): ${ability.can("read", thingInstance)}`,
  `can read Thing (string): ${ability.can("read", "Thing")}`
];

document.body.innerHTML = output.join("<br/>");

The output is:

Thing:
can read Thing (class): false
can read Thing (instance): false
can read Thing (string): true

This is very surprising. I’m providing detectSubjectType and it’s hardcoded to return "Thing" no matter what you pass in. I’m also providing the conditionsMatcher (the default mongo one), and my condition is very simple: The id should match "abc". Why do the first two checks return false?

Expected behavior: I would expect the output to be:

Thing:
can read Thing (class): true
can read Thing (instance): true
can read Thing (string): true

Interactive example (optional, but highly desirable): https://codesandbox.io/s/casl-example-conditions-and-detectsubjecttype-xp102?file=/src/index.ts

CASL Version

@casl/ability - v5.2.2

Environment: Node v14.15.4 TS 3.9.5

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments: 5 (4 by maintainers)

Top GitHub Comments

1 reaction
stalniy commented, Feb 19, 2021

Indeed, this is missed. I’ll extend the docs for detectSubjectType with the explanation I gave in this issue.

Thanks 😃

1 reaction
stalniy commented, Feb 19, 2021

Well, conditions should be an object and not an array.

Update: PureAbility doesn’t restrict what you can pass as conditions, as this is an extension point, and if you pass something in conditions you need to make sure that conditionsMatcher can correctly process it.
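
As an added example (not code from the issue or from CASL), one way to catch the array-shaped `conditions` from the reproduction before a matcher ever evaluates it. `RawRule`, `findBadConditions`, `guardMatcher` and `equalityMatcher` are hypothetical names, and the local types are an assumed simplification of a conditions matcher's shape.

```typescript
// Added example, not CASL code. Assumed shape: a matcher factory takes
// `conditions` and returns a predicate that is run against the subject.
type MatchConditions = (subject: Record<string, unknown>) => boolean;
type ConditionsMatcher = (conditions: unknown) => MatchConditions;
interface RawRule { action: string; subject: string; conditions?: unknown }

// True only for plain objects such as { id: "abc" }; arrays, null,
// primitives and class instances are rejected.
function isPlainObject(value: unknown): value is Record<string, unknown> {
  if (typeof value !== "object" || value === null || Array.isArray(value)) return false;
  const proto = Object.getPrototypeOf(value);
  return proto === Object.prototype || proto === null;
}

function describeShape(value: unknown): string {
  if (Array.isArray(value)) return "array";
  return value === null ? "null" : typeof value;
}

// Lint raw rules before building an ability; one message per mis-shaped rule.
function findBadConditions(rules: RawRule[]): string[] {
  const problems: string[] = [];
  rules.forEach((rule, i) => {
    if (rule.conditions !== undefined && !isPlainObject(rule.conditions)) {
      problems.push(`rule[${i}] ${rule.action} ${rule.subject}: conditions is ` +
        `${describeShape(rule.conditions)}, expected plain object`);
    }
  });
  return problems;
}

// Wrap a matcher so mis-shaped conditions throw instead of quietly not matching.
function guardMatcher(inner: ConditionsMatcher): ConditionsMatcher {
  return (conditions) => {
    if (!isPlainObject(conditions)) {
      throw new TypeError(`conditions must be a plain object, got ${describeShape(conditions)}`);
    }
    return inner(conditions);
  };
}

// Constructed stand-in matcher (flat equality only), used to exercise the guard.
const equalityMatcher: ConditionsMatcher = (conditions) => {
  const expected = conditions as Record<string, unknown>;
  return (subject) => Object.keys(expected).every((k) => subject[k] === expected[k]);
};

// Constructed sample rules: the first repeats the issue's array-shaped conditions.
const sampleRules: RawRule[] = [
  { action: "read", subject: "Thing", conditions: [{ id: "abc" }] },
  { action: "read", subject: "Thing", conditions: { id: "abc" } },
];
```

In an application the guard would wrap the real matcher passed as `conditionsMatcher`; the exact typings for that are an assumption and may need adjusting for your CASL version.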
