In the docs it shows that you can skip the subject and specify just the action but each time I do that, I get an error asking for subject. How can I implement claim based authorization without supplying the subject?
import { Ability } from '@casl/ability';
export default new Ability([
{
action: 'read',
}
]);
Property 'subject' is missing in type '{ action: string; }' but required in type 'SubjectRawRule<string, ExtractSubjectType, MongoQuery>'.ts(2741)
In the docs, it shows the rawRule interface showing subject as an optional parameter:
interface RawRule {
action: string | string[]
subject?: string | string[]
/** an array of fields to which user has (or not) access */
fields?: string[]
/** an object of conditions which restricts the rule scope */
conditions?: any
/** indicates whether rule allows or forbids something */
inverted?: boolean
/** message which explains why rule is forbidden */
reason?: string
}