[Feature Request] A general-purposed context object for injecting values into access policy rules at runtime

[ymc9]

Is your feature request related to a problem? Please describe.

Today, the only connection between the JS/TS world and ZModel is the auth() function; however, it's restricted to representing the current user. There are situations where you want to customize ZenStack's access policies at runtime by injecting values into the rules.

Describe the solution you'd like

We can have a new args() attribute function in ZModel, and a new args context object for the enhance TS-API. They'll be used in combination like:

const db = enhance(prisma, { user: currentUser, args: { quota: 1 } });

model Post {
  ...
  @@allow('create', args().quota > 0)
}

In an initial implementation, we can leave the args() function typed as Any to exempt it from type checking. After #783 is implemented, we can use the "type" feature to provide a proper typing.

Describe alternatives you've considered

Alternatively we can also try to add more fields into the user object and make them accessible through auth(). But I think it's a good idea to keep the concept of auth clean and dedicated to representing the user.