Severity: P2 (correctness/clarity) · Tier-1 (rename/redocument is mechanical)
Co-maintained repo (Pascal = architect).
Location: lib/ash_ui/runtime/action_binding.ex:167-174
check_authorization/2 returns {:ok, :authorized} whenever ResourceAccess.actor(context) is non-nil — no policy evaluation, never calls Runtime.check_action_authorization/3. Actions are authorized downstream by the target resource's Ash policies, so it isn't an open door today, but the name + moduledoc ("with proper authorization") overstate it, and any future caller building a context with authorize?: false would execute unauthorized.
Fix: route through Runtime.check_action_authorization/3, or rename/redocument as an authentication pre-check and assert authorize?: true at ResourceAccess.execute_action.
2026-05-28 cross-repo review — see ariston-ui docs/audits/cross-repo-review-2026-05-28.md (finding B5).
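The second fix option above (rename the check as an authentication pre-check and assert authorize?: true at the execution boundary), as an added example that is not ash_ui code. All module, function and error-atom names are hypothetical, the context is modelled as a plain map with :actor and :authorize? keys, and `run` is a constructed stand-in for the downstream policy-checked action.

```elixir
defmodule AuthzSketch do
  # Hypothetical names throughout; context is modelled as a plain map.

  # Shape the finding describes: a non-nil actor is reported as :authorized,
  # although no policy was evaluated.
  def check_authorization(context, _action) do
    if Map.get(context, :actor), do: {:ok, :authorized}, else: {:error, :unauthenticated}
  end

  # Renamed pre-check: states only what it verifies (an actor is present).
  def check_authenticated(context) do
    case Map.get(context, :actor) do
      nil -> {:error, :unauthenticated}
      actor -> {:ok, actor}
    end
  end

  # Execution boundary: refuses to run unless policy enforcement is on.
  # `run` stands in for the downstream resource action.
  def execute_action(context, action, run) when is_function(run, 2) do
    with {:ok, actor} <- check_authenticated(context),
         :ok <- assert_authorize(context) do
      run.(actor, action)
    end
  end

  defp assert_authorize(%{authorize?: true}), do: :ok
  defp assert_authorize(_context), do: {:error, :authorization_disabled}
end

# Constructed stand-in for downstream policy evaluation.
run = fn actor, action ->
  if action in actor.allowed, do: {:ok, action}, else: {:error, :forbidden}
end

actor = %{id: 1, allowed: [:read]}
unsafe = %{actor: actor, authorize?: false}
safe = %{actor: actor, authorize?: true}

IO.inspect(AuthzSketch.check_authorization(unsafe, :destroy))
IO.inspect(AuthzSketch.execute_action(unsafe, :destroy, run))
IO.inspect(AuthzSketch.execute_action(safe, :destroy, run))
IO.inspect(AuthzSketch.execute_action(safe, :read, run))
IO.inspect(AuthzSketch.execute_action(%{authorize?: true}, :read, run))
```

A context missing the :authorize? key is rejected the same way as one that sets it to false, so the boundary fails closed.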