Open sauloperez opened 3 years ago
https://github.com/coopdevs/decidim-module-action_delegator/pull/42/files#diff-29d877fefa73ca09ce9d760a2aa4b1c0R11 is yet another example that needs solving.
https://github.com/coopdevs/decidim-module-action_delegator/pull/49/files#diff-9b3fbee9f91d51262226647e0d00214b1abcc5942b5436639e514f3e62a1b460 is a great example of how this can be solved by having our own controller so we have control over the permissions chain.
Due to
Decidim::NeedsPermission#allowed_to?
's signature, we cannot pass in auser
argument other thancurrent_user
without first passingextra_context
andchain
, even though we still want to use their defaults.As a consequence, the calls to this method duplicate the
permission_class_chain
coupling views and other objects to it, which results in long lines and hampers changeability.A potential solution could be to change
#allowed_to?
to use keyboard arguments instead so we can passuser
only. If we do so, it needs to be a backward compatible-change for Decidim to accept it.In the meantime, we could prepend somehow our own permissions class in https://github.com/decidim/decidim/blob/develop/decidim-consultations/app/controllers/decidim/consultations/application_controller.rb#L10-L13. If we go with the approach outlined in https://github.com/coopdevs/decidim-module-action_delegator/issues/19 of having our own controllers, we could just register a different chain that includes this new permissions class.
_Originally posted by @microstudi in https://github.com/coopdevs/decidim-module-action_delegator/pull/15#discussion_r492037518_