search

cpjk / canary

:hatching_chick: Elixir authorization and resource-loading library for Plug applications.
MIT License
474 stars 51 forks source link

Actions :index, :new, :create passes module, not struct #20

Closed angeloashmore closed 9 years ago

angeloashmore commented 9 years ago

When defining abilities for :index, :new, and :create, _authorize_resource/2 passes the module to can?/3, not a struct.

This means defining abilities requires doing this:

def can?(%User{}, action, Item) when action in [:index, :new, :create], do: true
def can?(%User{}, action, %Item{}) when action in [:show], do: true

Rather than just:

def can?(%User{}, action, %Item{}) when action in [:index, :new, :create, :show], do: true

It makes sense in that at index, new, and create, you have no instance of the model so it would not pass a struct.

Maybe this needs to be mentioned in the docs or change the behavior?

angeloashmore commented 9 years ago

Just saw this is mentioned in the @docs, but not in the README. Oops!

cpjk commented 9 years ago

Thanks for pointing that out! I'll add it to the README.md as well :smile:.