Defines a permission that depends on runtime field values of a resource. Used for dynamic authorization where permission requirements change based on the actual data being accessed.
query { # Use this type in your queries someQuery { entityIdPath entityModule field permission value }}entityIdPathStringDot-notation path to the entity ID in the GraphQL arguments (e.g., 'input.product_id', 'medication_id'). Used to fetch the related entity for conditional permission checking. Required when entity_module is specified.
entityModuleStringThe Elixir module name for the entity to check (e.g., 'Vetspire.Clinical.Medication'). When specified with entity_id_path: - The system extracts the entity ID from GraphQL arguments using the path - Fetches the entity from the database using this module - Checks the field value on the fetched entity When not specified: - The field value is checked directly on the input arguments - Useful for permissions based on values provided in the GraphQL request
The field name to check on the resource (e.g., 'is_controlled', 'status')
The required permission string (e.g., 'medication.prescribe_controlled')
The expected field value that triggers this permission requirement (e.g., 'true', 'active')