feat: add support for boolean

Author: Azzerty23

packages/schema/src/plugins/enhancer/policy/policy-guard-generator.ts

@@ -5,6 +5,7 @@ import {
     Expression,
     Model,
     isBinaryExpr,
+    isUnaryExpr,
     isDataModel,
     isDataModelField,
     isEnum,
@@ -1070,7 +1071,10 @@ export class PolicyGenerator {
     collectVariablesTypes(expr: Expression): Record<string, Expression['$type']> {
         const result: Record<string, Expression['$type']> = {};
         const visit = (node: Expression) => {
-            if (isBinaryExpr(node) && typeof (node.right.$type !== 'StringLiteral')) {
+            if (isReferenceExpr(node)) {
+                const variableName = node.target.ref?.name ?? 'unknown';
+                result[variableName] = 'BooleanLiteral';
+            } else if (isBinaryExpr(node) && typeof (node.right.$type !== 'StringLiteral')) {
                 if (isReferenceExpr(node.left)) {
                     // const variableName = `${lowerCaseFirst(
                     //     node.left.target.ref?.$container.name ?? ''
@@ -1084,7 +1088,7 @@ export class PolicyGenerator {
                     visit(node.left);
                     visit(node.right);
                 }
-            } else if (isMemberAccessExpr(node)) {
+            } else if (isMemberAccessExpr(node) || isUnaryExpr(node)) {
                 visit(node.operand);
             }
         };

packages/sdk/src/z3-expression-transformer.ts

@@ -313,7 +313,10 @@ export class Z3ExpressionTransformer {
     }
 
     private unary(expr: UnaryExpr): string {
-        return `(${expr.operator} ${this.transform(expr.operand)})`;
+        if (expr.operator !== '!') {
+            throw new Z3ExpressionTransformerError(`Unsupported unary operator: ${expr.operator}`);
+        }
+        return `z3.Not(${this.transform(expr.operand)})`;
     }
 
     private isModelType(expr: Expression) {

tests/integration/tests/enhancements/with-policy/permissions-checker.test.ts

@@ -37,12 +37,14 @@ describe('With Policy: permissions checker test', () => {
             id String @id @default(uuid())
             title String
             rating Int
+            published Boolean @default(false)
             authorId String @default("userId-1")
             author User @relation(fields: [authorId], references: [id])
             comments Comment[]
 
 
             @@allow('create,read', auth() == author && title == "Title" && rating > 1)
+            @@deny('read', !published || published == false)
             
             @@deny('update', rating < 10)
             @@allow('update', rating > 5)
@@ -95,6 +97,8 @@ describe('With Policy: permissions checker test', () => {
         await expect(authDb.post.check('update', { rating: 8 })).toResolveFalsy();
         await expect(db.post.check('delete', {})).toResolveFalsy();
         await expect(authDb.post.check('delete', {})).toResolveTruthy();
+        await expect(authDb.post.check('read', { published: true })).toResolveTruthy();
+        await expect(authDb.post.check('read', { published: false })).toResolveFalsy();
 
         await expect(db.comment.check('delete', {})).toResolveFalsy();
         await expect(authDb.comment.check('delete', {})).toResolveTruthy();