Action Policy v0.3.0 Release Notes
Release Date: 2019-04-02 // about 5 years ago-
- โ Added ActiveSupport-based instrumentation. ([@palkan][])
๐ See PR#4
- ๐ Allow passing authorization context explicitly. ([@palkan][])
Closes #3.
Now it's possible to override implicit authorization context via
context
option:authorize! target, to: :show?, context: {user: another_user} authorized_scope User.all, context: {user: another_user}
- ๐ Renamed
#authorized
to#authorized_scope
. ([@palkan][])
NOTE:
#authorized
alias is also available.- โ Added
Policy#pp(rule)
method to print annotated rule source code. ([@palkan][])
Example (debugging):
def edit? binding.pry # rubocop:disable Lint/Debugger (user.name == "John") && (admin? || access_feed?) end
pry> pp :edit? MyPolicy#edit? โณ ( user.name == "John" #=> false ) AND ( admin? #=> false OR access_feed? #=> true ) )
๐ See PR#63
- โ Added ability to provide additional failure reasons details. ([@palkan][])
Example:
class ApplicantPolicy < ApplicationPolicy def show? allowed_to?(:show?, object.stage) end end class StagePolicy < ApplicationPolicy def show? # Add stage title to the failure reason (if any) # (could be used by client to show more descriptive message) details[:title] = record.title # then perform the checks user.stages.where(id: record.id).exists? end end