module ActionPolicy::Behaviours::Scoping
Adds `authorized_scop` method to behaviour
Public Instance Methods
authorization_scope_type_for(policy, target)
click to toggle source
Infer scope type for target if none provided. Raises an exception if type couldn't be inferred.
# File lib/action_policy/behaviours/scoping.rb, line 30 def authorization_scope_type_for(policy, target) policy.resolve_scope_type(target) end
authorized(target, type: nil, as: :default, scope_options: nil, **options)
For backward compatibility
Alias for: authorized_scope
authorized_scope(target, type: nil, as: :default, scope_options: nil, **options)
click to toggle source
Apply scope to the target of the specified type.
NOTE: policy lookup consists of the following steps:
- first, check whether `with` option is present - secondly, try to infer policy class from `target` (non-raising lookup) - use `implicit_authorization_target` if none of the above works.
# File lib/action_policy/behaviours/scoping.rb, line 13 def authorized_scope(target, type: nil, as: :default, scope_options: nil, **options) options[:context] && (options[:context] = authorization_context.merge(options[:context])) policy = policy_for(record: target, allow_nil: true, **options) policy ||= policy_for(record: implicit_authorization_target!, **options) type ||= authorization_scope_type_for(policy, target) name = as Authorizer.scopify(target, policy, type:, name:, scope_options:) end
Also aliased as: authorized