From 12c805c0bf361faa47fd01ee4d72c4041c117313 Mon Sep 17 00:00:00 2001
From: KKlochko <KKlochko@protonmail.com>
Date: Tue, 15 Apr 2025 10:03:57 +0300
Subject: [PATCH] Add policies for Publisher resource.

---
 .../metadata/publisher.ex                     | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/lib/decentralised_book_index/metadata/publisher.ex b/lib/decentralised_book_index/metadata/publisher.ex
index 261fc1d..315faec 100644
--- a/lib/decentralised_book_index/metadata/publisher.ex
+++ b/lib/decentralised_book_index/metadata/publisher.ex
@@ -3,11 +3,34 @@ defmodule DecentralisedBookIndex.Metadata.Publisher do
     otp_app: :decentralised_book_index,
     domain: DecentralisedBookIndex.Metadata,
     data_layer: AshPostgres.DataLayer,
-    extensions: [AshJsonApi.Resource]
+    extensions: [AshJsonApi.Resource],
+    authorizers: [Ash.Policy.Authorizer]
 
   require Ash.Query
   alias DecentralisedBookIndex.Metadata
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+
+    policy action_type(:read) do
+      authorize_if always()
+    end
+
+    policy action_type(:create) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:update) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:destroy) do
+      authorize_if actor_attribute_equals(:role, :admin)
+    end
+  end
+
   json_api do
     type "publisher"
   end