[BUG] Rule's parameters must be the same name as the attributes you check against

[mezakos]

Describe the bug
If a rule is defined in a schema, the parameter(s) of that rule has to be the same name as the attribute(s) you are trying to validate with the rule. This prevents writing "helper" rules like a global negator rule.

To Reproduce

entity user {}

entity resource {
    relation owner @user

    attribute is_private boolean

    permission view = negate(is_private)
}

rule negate(input boolean){
    !input
}

Expected behavior
Schema is valid.

Actual
8:31: invalid argument

Additional context
This problem was mentioned in 2025.02.28 on Discord but I couldn't find a bug ticket for it.

Environment (please complete the following information, because it helps us investigate better):

• Docker
• Version 1.6.2

[tolgaozen]

Hi @mezakos, This is not a bug. You can use it like this:

 entity user {}

entity resource {
    relation owner @user

    attribute is_private boolean

    permission view = negate(is_private)
}

rule negate(is_private boolean){
    !is_private
}

https://docs.permify.co/use-cases/abac#defining-rules

[mezakos]

Hi @tolgaozen ,
I know I can use it like that, but if I have a much bigger schema with a lot of attributes and I need to do the same checks for different attributes with different names, I have to write a rule for each of the attributes. Cemoji user on discord said: "I looked into the code and saw that at compile time when the type of the actual argument owner is validated, it looks for a formal argument with the same name. Seems to be a nice bug." And I also think this should not work the way it is. Also doesn't seem to be a large change but would make writing a schema much easier.

EDIT:
I checked the documentation and it never mentions that attribute names has to be the same as parameter names in the rules

[pcloud2]

Hi @tolgaozen I noticed the statement, "I checked the documentation and it never mentions that attribute names has to be the same as parameter names in the rules" from @mezakos , However, playground is throwing error, so is it bug in playground and not the schema DSL? or it is DSL limitation. Because I am also facing the same issue as @mezakos mentioned, hence not able to re-use the rule.

[mooreds]

Related: #2786

[mooreds]

@mezakos @pcloud2 do either of you have any interest in contributing code making this change?

[mezakos]

@mooreds I checked the source code and figured out how and why it works as is. Sadly I'm not a go developer and tried to use AI to make the changes for positional parameters, but no luck yet.

[mezakos]

@mooreds I gave it a go and it seems to be working in permify playground. #2795 please check it :) It was done by AI so I'm not sure if it's right but might be a good start.

[omer-topal]

Closing this issue since this is better tracked as a feature request than a bug. We’ll continue following it in #2786