# community

Yousef Sultan

06/29/2023, 9:36 AM
What's the best practice for ensuring that policies are actually questioned at all in application code?

Right now if I define a policy that allows a principal to `read` some `article`, then I can only hope my application code makes use of this policy at all everywhere it needs to render an `article`.

I also noticed two related edge cases:

Edge case #1: if a `post` has `post-comment`s, should `post-comment`s have a separate `read` policy from `post`? I would say no, assuming there are no privacy settings on `post-comment`s or so, but then what about the `update` policy? Surely `post`'s will be different from `post-comment`'s because they're of different authors, for one. What does that mean now? I feel like having a `read` policy defined for every single model is going to be a huge burden on the system, at least in terms of network latency, no?

Edge case #2: how do you make it consistent when to process the whole collection (i.e. PlanResource) vs. individual objects? For example, it makes sense to check that the principal can `read` every `post` individually, because they may be able to read some and not others, but it doesn't make sense to check if the user can read every single language name in the languages dropdown individually, as it's extremely unlikely that they could read some language names but not others.

Like right now it's a complete mess how the application code is using Cerbos, and the lack of TypeScript types makes it even worse, as the app code will send data and only hope that's sufficient for Cerbos to make a decision.
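An added TypeScript sketch, not part of the post or of Cerbos' own code, of one way to make the application unable to "hope": a branded `Authorized<Article>` type that only the accessor performing the check can produce, so a render function cannot accept an unchecked object; the `Decider` is an assumed stand-in for the Cerbos SDK's check call, and the article data and decision rule are constructed for the example.

```typescript
// Added illustration, not Cerbos' or the poster's code. One way to stop the app
// from merely "hoping" a read policy was consulted: the only way to obtain a
// renderable Article is one accessor that asks for a decision per object.
interface Principal { id: string; roles: string[] }
interface Article { id: string; authorId: string; published: boolean }

// Assumed stand-in for the authorization client's check (a real Cerbos SDK
// call would be injected here); true means the action is permitted.
type Decider = (principal: Principal, action: string, resource: Article) => boolean;

// Brand that only this module's stamp() can put on a value.
declare const authorized: unique symbol;
type Authorized<T> = T & { readonly [authorized]: true };
function stamp<T>(value: T): Authorized<T> { return value as Authorized<T>; }

// Single-object path: every Article handed to the UI was individually checked.
function loadArticle(db: Article[], decide: Decider, principal: Principal,
                     id: string): Authorized<Article> | null {
  for (const article of db) {
    if (article.id !== id) continue;
    return decide(principal, "read", article) ? stamp(article) : null;
  }
  return null; // unknown id: same answer as "not permitted", no oracle
}

// Collection path: filter item by item, because the principal may read some
// articles and not others (the per-object case from the post).
function listReadable(db: Article[], decide: Decider,
                      principal: Principal): Authorized<Article>[] {
  return db.filter(a => decide(principal, "read", a)).map(a => stamp(a));
}

// Rendering demands proof of the check at compile time: an Article taken
// straight from the database does not type-check here.
function renderArticle(article: Authorized<Article>): string {
  return `<article id="${article.id}" author="${article.authorId}"></article>`;
}

// Constructed decision rule mirroring a simple policy: admins and the author
// may read anything; everyone else may read only published articles.
const sampleDecider: Decider = (principal, action, article) =>
  action === "read" && (principal.roles.indexOf("admin") !== -1 ||
    principal.id === article.authorId || article.published);

// Constructed sample data (not from the page).
const sampleDb: Article[] = [
  { id: "a1", authorId: "alice", published: true },
  { id: "a2", authorId: "alice", published: false },
  { id: "a3", authorId: "bob", published: false },
];
```

For dropdown-style collections where everyone sees the same items, the same `Decider` can be asked once for the collection instead of once per item; the type-level guard still forces the question to be asked somewhere.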