Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization subject dependent objects injection #3

Closed
buszu opened this issue Apr 20, 2018 · 0 comments
Closed

Authorization subject dependent objects injection #3

buszu opened this issue Apr 20, 2018 · 0 comments
Labels
enhancement New feature or request
Milestone
0.3.0

Comments

@buszu
Copy link

buszu commented Apr 20, 2018
edited
Loading

Extracted from #1.

It's pretty easy to add support for explicit context though, e.g.:
ruby authorize! record, context: { user: @user }

I think this is what I was looking for.
Some code that might be written (partially inspired by real app that's using pundit):

class RequirementsDocPolicy
  def create?
    user.documenter?(project) &&
      (user.requirement_doc.blank? || user.requirement_doc.versions.empty?) &&
      project.document_set.state == 'preparing' &&
      user.google.uploader? # assume this makes API call
  end
end

(And now imagine not using ActiveRecord.)
We need to fetch a lot of entities actually (user, project, document_set) and make external API call.

class RequirementsDocsController
  def create
    find_user_in_google
    authorize! RequirementsDoc, context: { user: current_user,
                                           user_in_google: @user_in_google }
  end
end

If I can do so, it's ok. :)
@palkan palkan added the enhancement New feature or request label Apr 20, 2018
@palkan palkan added this to the 0.1.0 milestone Apr 30, 2018
@palkan palkan modified the milestones: 0.1.0, 0.2.0 Jun 16, 2018
palkan added a commit that referenced this issue Mar 30, 2019
@palkan
feat: add explicit context option
11345e0 
Closes #3
@palkan palkan mentioned this issue Mar 30, 2019
Merged
3 tasks
palkan added a commit that referenced this issue Mar 30, 2019
@palkan
feat: add explicit context option
3b41bc0 
Closes #3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
0.3.0
Development

No branches or pull requests
2 participants
@palkan @buszu