avo icon indicating copy to clipboard operation
avo copied to clipboard

Published 20 hours ago verified publisher icon avo-hq

Custom Pundit policy per resource

Open adrianthedev opened this issue 3 years ago • 0 comments

Feature

Add the ability to select which policy a resource should use.

From here.

Approach

These thoughts come to my mind but feel free to use your own approach.

Add a authorization_policy class_attribute to BaseResource.

Right now, each resource has an authorization method applied to it. This will create a new AuthorizationService which, by default, tries to figure out the policy by itself from the model you're trying to authorize. I think that's where we need to hook in and pass it a policy class (around here). Then, add a policy method to the AuthorizationService which will default to figuring it by itself from the @model or use the one you give it.

Current workarounds

Screenshots

Additional context

adrianthedev avatar Jul 21 '22 19:07 adrianthedev