Add policies for Book, BookId, AuthorRole, BookEditionsRegistry, DBI_Server.

lib/decentralised_book_index/metadata/author_role.ex

@@ -8,28 +8,6 @@ defmodule DecentralisedBookIndex.Metadata.AuthorRole do
 
   alias DecentralisedBookIndex.Metadata
 
-  policies do
-    bypass actor_attribute_equals(:role, :admin) do
-      authorize_if always()
-    end
-
-    policy action_type(:read) do
-      authorize_if always()
-    end
-
-    policy action_type(:create) do
-      authorize_if actor_attribute_equals(:role, :moderator)
-    end
-
-    policy action_type(:update) do
-      authorize_if actor_attribute_equals(:role, :moderator)
-    end
-
-    policy action_type(:destroy) do
-      authorize_if actor_attribute_equals(:role, :admin)
-    end
-  end
-
   json_api do
     type "author_role"
   end
@@ -97,6 +75,28 @@ defmodule DecentralisedBookIndex.Metadata.AuthorRole do
     end
   end
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+
+    policy action_type(:read) do
+      authorize_if always()
+    end
+
+    policy action_type(:create) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:update) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:destroy) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+  end
+
   attributes do
     uuid_primary_key :id, writable?: true
 

lib/decentralised_book_index/metadata/book.ex

@@ -3,7 +3,8 @@ defmodule DecentralisedBookIndex.Metadata.Book do
     otp_app: :decentralised_book_index,
     domain: DecentralisedBookIndex.Metadata,
     data_layer: AshPostgres.DataLayer,
-    extensions: [AshJsonApi.Resource]
+    extensions: [AshJsonApi.Resource],
+    authorizers: [Ash.Policy.Authorizer]
 
   require Ash.Query
   alias DecentralisedBookIndex.Metadata
@@ -267,6 +268,32 @@ defmodule DecentralisedBookIndex.Metadata.Book do
     end
   end
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+
+    policy action_type(:read) do
+      authorize_if always()
+    end
+
+    policy action_type(:create) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:update) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:destroy) do
+      authorize_if actor_attribute_equals(:role, :admin)
+    end
+  end
+
+  validations do
+    validate numericality(:page_count, greater_than: 0)
+  end
+
   attributes do
     uuid_primary_key :id, writable?: true
 

lib/decentralised_book_index/metadata/book_editions_registry.ex

@@ -2,7 +2,8 @@ defmodule DecentralisedBookIndex.Metadata.BookEditionsRegistry do
   use Ash.Resource,
     otp_app: :decentralised_book_index,
     domain: DecentralisedBookIndex.Metadata,
-    data_layer: AshPostgres.DataLayer
+    data_layer: AshPostgres.DataLayer,
+    authorizers: [Ash.Policy.Authorizer]
 
   alias DecentralisedBookIndex.Metadata
 
@@ -29,6 +30,28 @@ defmodule DecentralisedBookIndex.Metadata.BookEditionsRegistry do
     end
   end
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+
+    policy action_type(:read) do
+      authorize_if always()
+    end
+
+    policy action_type(:create) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:update) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:destroy) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+  end
+
   attributes do
     uuid_primary_key :id, writable?: true
 

lib/decentralised_book_index/metadata/book_id.ex

@@ -3,7 +3,8 @@ defmodule DecentralisedBookIndex.Metadata.BookId do
     otp_app: :decentralised_book_index,
     domain: DecentralisedBookIndex.Metadata,
     data_layer: AshPostgres.DataLayer,
-    extensions: [AshJsonApi.Resource]
+    extensions: [AshJsonApi.Resource],
+    authorizers: [Ash.Policy.Authorizer]
 
   alias DecentralisedBookIndex.Metadata
 
@@ -40,6 +41,28 @@ defmodule DecentralisedBookIndex.Metadata.BookId do
     end
   end
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+
+    policy action_type(:read) do
+      authorize_if always()
+    end
+
+    policy action_type(:create) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:update) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+
+    policy action_type(:destroy) do
+      authorize_if actor_attribute_equals(:role, :moderator)
+    end
+  end
+
   attributes do
     uuid_primary_key :id, writable?: true
 

lib/decentralised_book_index/metadata/dbi_server.ex

@@ -2,7 +2,8 @@ defmodule DecentralisedBookIndex.Metadata.DBIServer do
   use Ash.Resource,
     otp_app: :decentralised_book_index,
     domain: DecentralisedBookIndex.Metadata,
-    data_layer: AshPostgres.DataLayer
+    data_layer: AshPostgres.DataLayer,
+    authorizers: [Ash.Policy.Authorizer]
 
   alias DecentralisedBookIndex.Metadata
 
@@ -31,6 +32,12 @@ defmodule DecentralisedBookIndex.Metadata.DBIServer do
     end
   end
 
+  policies do
+    bypass actor_attribute_equals(:role, :admin) do
+      authorize_if always()
+    end
+  end
+
   attributes do
     uuid_primary_key :id