Files
self 6e050b1141
CI / Test (push) Failing after 23s
feat: provide trust facts for access policies
Expose Trust as the generic access trust provider, add admin management methods for e2e setup, and align dependency locks with the host release.\n\nKeep Trust resources buildable in plugin packaging by avoiding host-only policy checks in plugin resources.
2026-05-28 21:30:14 +02:00

104 lines
2.0 KiB
Elixir

defmodule TribeOne.TribesPlugin.Trust.RemoteTribe do
@moduledoc false
use Ash.Resource,
otp_app: :tribe_one_trust,
domain: TribeOne.TribesPlugin.Trust.Domain,
data_layer: AshPostgres.DataLayer,
authorizers: [Ash.Policy.Authorizer],
extensions: [AshNostrSync]
postgres do
table("trust_remote_tribes")
repo(Tribes.Repo)
custom_indexes do
index([:pubkey], unique: true)
end
end
nostr_sync do
namespace("plugins.trust.remote_tribe")
lane(:control)
publish?(true)
consume?(true)
end
actions do
defaults([:read])
read :by_pubkey do
get?(true)
argument :pubkey, :string do
allow_nil?(false)
end
filter(expr(pubkey == ^arg(:pubkey)))
end
create :upsert do
accept([:pubkey, :name, :description, :last_seen_at])
upsert?(true)
upsert_identity(:unique_pubkey)
change(AshNostrSync.PublishChange)
end
create :sync_upsert do
accept([:id, :pubkey, :name, :description, :last_seen_at])
upsert?(true)
end
end
policies do
bypass Tribes.Checks.SyncInteraction do
authorize_if(always())
end
bypass {Tribes.Checks.SystemInteraction, purposes: [:trust_plugin]} do
authorize_if(always())
end
policy action_type(:read) do
authorize_if(always())
end
policy action(:upsert) do
authorize_if(always())
end
end
attributes do
attribute :id, :uuid do
allow_nil?(false)
primary_key?(true)
public?(true)
writable?(true)
default(&Ash.UUID.generate/0)
end
attribute :pubkey, :string do
allow_nil?(false)
public?(true)
end
attribute :name, :string do
public?(true)
end
attribute :description, :string do
public?(true)
end
attribute :last_seen_at, :utc_datetime do
public?(true)
end
timestamps(type: :utc_datetime)
end
identities do
identity(:unique_pubkey, [:pubkey])
end
end