You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Checking permission on creating a specific instance fails although the ability to create any object on the subject has been declared:
const { rules, can } = AbilityBuilder.extract()
can('create', 'users')
let ability = new Ability(rules, { subjectName: resource => resource.type })
// This logs false while it should log true
console.log(ability.can('create', {type : 'users'}))
Expected behaviour
Because creating any object on subject 'users' is allowed it should be allowed whatever the given instance to check.
Thanks for the issue but it's currently expected behavior. subjectName function should properly work for cases when resource is undefined, null or string.
Works fine now, thanks. I suggest to add a reminder in the doc explaining this behaviour is actually mandatory. At a first glance I believed it was specific to your examples.
Observed behaviour
Checking permission on creating a specific instance fails although the ability to create any object on the subject has been declared:
Expected behaviour
Because creating any object on subject 'users' is allowed it should be allowed whatever the given instance to check.
Suspected faulty code
Ability.can()
call the custom function to retrieve thesubjectName
(https://github.com/stalniy/casl/blob/master/src/ability.js#L91) but then perform an internal call torulesFor()
with the subjectName instead of the subject itself, leading to a bug when the custom function is called again (https://github.com/stalniy/casl/blob/master/src/ability.js#L108)The text was updated successfully, but these errors were encountered: