Sails.js Policies, is there an OR operator to allow an action if one of a group of policies succeeds?

Question

When configuring policies in sails in config/policies.js such as:

    ActivityController: {
        create: ['authenticated'],
        update: ['authenticated', 'isActivityOwner'],
        destroy: ['authenticated' ,'isActivityOwner']
    }

Is there any functionality that would allow me to grant access to the action provided one or more of a group of policies succeeds maybe something like:

    ActivityController: {
        create: ['authenticated'],
        update: ['authenticated', {or:['isActivityOwner', 'isAdmin']}],
        destroy: ['authenticated' ,'isActivityOwner']
    }

Alternatively is it possible to create composite policies so that in one policy I may check one or more other policies?

If both of these options seem like poor solutions, can you suggest an approach that would would be considered better practice?

Forgive me if this is a bit obvious but I'm fairly new to sails and node in general, and thanks in advance for any help!

Answer 1

I haven't found any official support for operators in sails policies but here is what I am doing.

ActivityController: {
    update: ['authenticated', 'orActivityOwner', 'orAdmin', orPolicy],
}

Both orActivityOwner and orAdmin return next() as if they are valid. But they also set a boolean value to a session variable. Remember, policies are executed from left to right. I added an orPolicy to the end which will then evaluate the state of our session variable.

Answer 2

check out sails-must:

ActivityController: {
    create: 'authenticated',
    update: ['authenticated', must().be.the.owner.or.be.a.member.of('admins')],
    destroy: ['authenticated', must().be.the.owner]
}