binarypaladin
commented
10 years ago You know what, after actually spending time with the gem this isn't an issue. Ha! Never mind.
Closed binarypaladin closed 10 years ago
binarypaladin
commented
10 years ago You know what, after actually spending time with the gem this isn't an issue. Ha! Never mind.
nathanl
commented
10 years ago :) No problem. If it ever does bother you, you could always make some more focused modules based on the original here: https://github.com/nathanl/authority/blob/master/lib/authority/abilities.rb
Controllers get a lot of love for customizing. However, in looking through the docs and the code it appears that the abilities that get added to a model are all or nothing.
What's the best method to handle this? For instance, in an app I'm working on I have some models that fit the very simple CRUD permissions, however there are some other models that have some fairly granular permissions in terms of what specifically can be read and/or updated.
What ends up happening is that while most models need a few delegated methods, ALL models get the full list even though many don't even apply.
At the moment it's not a functional problem because methods that aren't needed can be ignored, but for the sake of clarity it's a bit of an issue. It would be nice if I could define abilities on the authorizer itself or if, during inclusion it all of the "is_*_by" methods could automatically forwarded.