Guardian before and after checks api

angus · May 8, 2024, 11:53am

Something I’ve come across a few times when building plugins is the need to modify the outcome of Guardian can_* checks. I’ve come across it again in the ActivityPub Plugin:

github.com

discourse/discourse-activity-pub/blob/main/extensions/discourse_activity_pub_guardian_extension.rb

# frozen_string_literal: true

# TODO (future): PR discourse/discourse to add plugin api for guardian changes.
# TODO (future): PR discourse/discourse to add a proper guardian condition for changing post owners.

module DiscourseActivityPubGuardianExtension
  def can_edit_post?(post)
    return false if post.activity_pub_remote?
    super
  end

  def can_change_post_owner?
    return false if activity_pub_enabled_topic?
    super
  end

  def activity_pub_enabled_topic?
    return false unless DiscourseActivityPub.enabled && request&.params&.[]("topic_id")
    topic = Topic.find_by(id: request.params["topic_id"].to_i)
    topic&.activity_pub_enabled

This file has been truncated. show original

I’ve just raised a draft PR that adds a new server-side plugin api method that allows you to register before and after checks to guardian can_* methods, affording the ability to change the outcome of the method. For example

add_guardian_check(:before, :edit_post) do |guardian, result, post|
  !post.activity_pub_remote?
end

github.com/discourse/discourse

Add before and after guardian checks

discourse:main ← angusmcleod:add_plugin_api_to_guardian

opened 11:46AM - 08 May 24 UTC

angusmcleod

+92 -0

Adds a system to allow plugins to more easily modify guardian `can_` method outc…omes. ### Example Currently the only way to modify guardian `can_` method outcomes is via module pre-pension, for example: ``` module DiscourseActivityPubGuardianExtension def can_edit_post?(post) return false if post.activity_pub_remote? super end def can_change_post_owner? return false if activity_pub_enabled_topic? super end def activity_pub_enabled_topic? return false unless DiscourseActivityPub.enabled && request&.params&.[]("topic_id") topic = Topic.find_by(id: request.params["topic_id"].to_i) topic&.activity_pub_enabled end end ... Guardian.prepend DiscourseActivityPubGuardianExtension ``` [See further](https://github.com/discourse/discourse-activity-pub/blob/main/extensions/discourse_activity_pub_guardian_extension.rb) This change would mean the above could be done via the plugin api like so: ``` add_guardian_check(:before, :edit_post) do |guardian, result, post| !post.activity_pub_remote? end add_guardian_check(:before, :change_post_owner) do |guardian| return true unless DiscourseActivityPub.enabled && guardian.request&.params&.[]("topic_id") topic = Topic.find_by(id: guardian.request.params["topic_id"].to_i) !topic&.activity_pub_enabled end ```

Curious to get feedback on both the approach and the execution before publishing it for review.

angus · July 8, 2024, 6:36am

Just bumping this one back up for whomever is relevant. cc @pmusaraj

pmusaraj · July 26, 2024, 5:27pm

Thanks, Angus!

I don’t see any issues with the before_* register. The after_* register is a little trickier. Security-wise, the after_* register means plugins can override core in ways that may be unsafe. Obviously plugins can do this in all sorts of ways, but the plugin API shouldn’t facilitate it even further.

Also, what happens if multiple plugins consume the after_* hook? Which one wins?

angus · July 29, 2024, 8:02am

Yeah, I understand what you mean.

The checks accept a priority argument. See this spec

it "respects check priority" do
  plugin.add_guardian_check(:after, :edit_post, 2) { false }
  plugin.add_guardian_check(:after, :edit_post, 0) { true }
  plugin.add_guardian_check(:after, :edit_post, 1) { false }
  expect(Guardian.new(user).can_edit_post?(post)).to be_truthy
end

How about I limit this PR to just before checks? That would serve the immediate needs and reduce the variables in play a bit here.

pmusaraj · July 29, 2024, 2:20pm

Yes, sure, let’s start with just the before checks. Thanks!

Topic		Replies	Views
Is there a way to modify Discourse endpoints through plugin? dev	3	618	January 8, 2019
Adding a call-to-action for donations with our Patreon plugin feature	8	2083	October 11, 2019
Force signin plugin plugin	5	3141	November 12, 2017
Need a developer to get over the last couple of humps to launch our community marketplace	5	940	March 22, 2023
Discourse Authorship Plugin plugin	2	1322	April 10, 2024

Guardian before and after checks api

Related Topics