Skip to main content

ARGS

Vasyl MartyniukAbout 1 min

Syntax

${ARGS.<pathToProperty>}

Definition

The ARGS marker allows you to inject values to the policy through the PHP code at the time the statement or param evaluates. Fundamental, it is similar to CONST or CALLBACK as it has a direct link to the PHP codebase. However, conceptually it is used for a different purpose.

The typical use case for the ARGS markers is when you need to pass some dynamic values generated in the code to the access policy and direct your application flow based on the outcome.

For example, this policy restricts a user to comment on all posts, if the user is marked as a "spammer" in some third-party service.

{
    "Statement": {
        "Effect": "deny",
        "Resource": "PostType:post:posts",
        "Action": "Comment",
        "Condition": {
            "Equals": {
                "${ARGS.is_blacklisted}": false
            }
        }
    }
}

Now, you can programmatically verify if the current user is allowed to comment on posts or not as follows.

if (is_user_logged_in()) {
    $manager = AAM::api()->getAccessPolicyManager();

    // Pinging the third-party service and verifying if a user
    // is blacklisted or not
    $is_blacklisted = TheThirdPartyService::is_blacklisted(
        wp_get_current_user()->user_email
    );

    // This will return false
    var_dump($manager->isAllowedTo(
        'PostType:post:posts',
        'comment',
        compact($is_blacklisted)
    ));
}

In another scenario, imagine the necessity to adjust membership prices based on evolving business needs. One approach is to either craft convoluted spaghetti code to handle all business rules, or alternatively, to utilize access policies.

The following policy illustrates this concept by defining two parameters, both named "membershipPrice", but only one applies depending on the value of the "is_army_veteran" flag passed into the code:

{
    "Param": [
        {
            "Key": "membershipPrice",
            "Value": 75,
            "Condition": {
                "Equals": {
                    "(*bool)${ARGS.is_army_veteran}": false
                }
            }
        },
        {
            "Key": "membershipPrice",
            "Value": 50,
            "Condition": {
                "Equals": {
                    "(*bool)${ARGS.is_army_veteran}": true
                }
            }
        }
    ]
}

Now, within the code, retrieving the appropriate price is simplified:

<?php

$price = AAM::api()->getAccessPolicyManager()->getParam('membershipPrice', [
    'is_army_veteran' => get_user_flag('armyVeteran')
]);

Should future business requirements demand adjustments such as reduced prices until a certain date or based on geographical conditions, you can seamlessly modify the JSON access policy without any alterations to your PHP code.

Virtual Assistant