nathanl / authority

*CURRENTLY UNMAINTAINED*. Authority helps you authorize actions in your Rails app. It's ORM-neutral and has very little fancy syntax; just group your models under one or more Authorizer classes and write plain Ruby methods on them.
MIT License

namespaces #84

Closed alec-c4 closed 10 years ago

alec-c4 commented 10 years ago

Hi, is it possible to use authority in an app with some namespaces? For example, I have 3 namespaces: /posts, /admin/posts, /moderator/posts

and I'd like to separate authorisers for different namespaces? How to do it?

nathanl commented 10 years ago

@alec-c4 If those are separate Post models, you can just give each one a different authorizer. If not, you'd have to find some way to let your authorizer know which context you're currently in and write your authorization methods to check that. E.g., user.can_update?(@post, context: current_namespace) or whatever makes sense in your app.

Does that help? Feel free to re-open if not.

Seybo commented 8 years ago

@nathanl how can I pass my custom parameters with authorize_actions_for? I tried to do like this authorize_actions_for TicketType, context: "admin" but it doesn't work. In my

class TicketTypeAuthorizer < ApplicationAuthorizer
  def self.readable_by?(user, *opts)

I don't get anything into opts. I'm new to Rails. Could you please explain what I am doing wrong?

christhekeele commented 8 years ago

Hey @Seybo!

First off, correct me if I'm wrong, but your question isn't directly related to this issue about namespaces, right? You should feel free to create new issues, or better still ask general questions in the stackoverflow.com authority-gem tag.

To answer your question, though, the controller-level authorize_actions_for doesn't take custom options. This is because it takes its own options like :except and friends to control how it behaves per-action.

However, you can pass custom options to authorize_action_for, which does take custom options. You can invoke it yourself in each action, or set it up inside your own custom before_action.

I've prepared a sample application for you mimicking your setup and demonstrating these alternatives here.

Additionally, I'll open a new issue and put together a PR that lets you pass custom options to authorize_actions_for via an :opts parameter, so that this will be possible in future versions of authority.

I hope this clears things up for you a little. Welcome to Rails!

christhekeele commented 8 years ago

@Seybo I have a working branch of authority that does this now, see what I did to the example to get it to work.

Seybo commented 8 years ago

thanks a lot @christhekeele

> your question isn't directly related to this issue about namespaces, right?

Yeah, that's right. I didn't know what better to do. Answer here (it's still about passing params) or start a new issue. I have already worked it out the same way you suggested, using authorize_action_for and before_action.

About your working branch, how do you recommend using it? Should I just use your gem 'authority', github: 'christhekeele/authority', branch: 'custom-opts-in-authorize_actions_for'? And if so, could you suggest what the best way is to describe this special situation in my code for future developers? Just put a comment about this above this gem line with a brief description of the change and its purpose?

christhekeele commented 8 years ago

Overriding a gem source to use a branch like this is fairly common practice. I'd say as long as the branch name is descriptive, it speaks for itself.

If it's meant to be a temporary fix, you could always leave a comment documenting when the time to remove in favor of the canonical version is. In this instance I'd link to PR #114, or mention a target version of authority where you anticipate the patch being released.

In this case I'm hoping to have the new version out sometime today, so it might not even merit that. :)

If it's a longer or even permanent thing, your own fork of a gem that's no longer maintained, a cryptically named branch, or just the master branch of someone else's fork, I'd go into more detail as to why you need that particular override.

christhekeele commented 8 years ago

This is now available straight from master: gem 'authority', github: 'nathanl/authority'.

It's targeted for a 3.2.1 release within the week.

Note that we settled on :args instead of :opts since you can pass any number of extra arguments in the array, not just an options hash. Make sure you wrap that hash in an array before handing it off to :args, otherwise it won't behave as intended. :)
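Added example (not from the thread and not the authority gem's source): a namespace-aware authorizer in the shape nathanl and christhekeele describe, which denies access when the context is missing or unknown. The `User` struct, the role table, the "public" context and the `forward_readable` helper are assumptions made for this illustration; the helper only models a forwarder that splats its extra arguments.

```ruby
# Plain Ruby illustration; it does not load the authority gem.
User = Struct.new(:name, :roles)

class TicketTypeAuthorizer
  # Role required in each namespace (constructed policy for this example).
  REQUIRED_ROLE = { "admin" => :admin, "moderator" => :moderator }.freeze

  # Same shape as the method in the thread: extra arguments follow the user.
  def self.readable_by?(user, *args)
    opts = args.first
    # Fail closed: without an options hash carrying :context, deny.
    return false unless opts.is_a?(Hash) && opts.key?(:context)

    context = opts[:context].to_s
    return true if context == "public" # assumed name for the un-namespaced routes

    role = REQUIRED_ROLE[context]
    return false if role.nil?          # unknown namespace: deny

    user.roles.include?(role)
  end
end

# Hypothetical stand-in for a controller helper that forwards extra arguments
# by splatting them. It models the "wrap the hash in an array" advice only.
def forward_readable(authorizer, user, args)
  authorizer.readable_by?(user, *args)
end

admin = User.new("constructed-admin", [:admin])
guest = User.new("constructed-guest", [])

# Wrapped in an array, the hash arrives intact as the first extra argument.
puts forward_readable(TicketTypeAuthorizer, admin, [{ context: "admin" }])
puts forward_readable(TicketTypeAuthorizer, guest, [{ context: "admin" }])
# Unwrapped, Ruby splats the hash into [key, value] pairs, the authorizer
# never sees a Hash, and the request is denied rather than mis-authorized.
puts forward_readable(TicketTypeAuthorizer, admin, { context: "admin" })
```

Because the authorizer treats anything other than a recognised context as a denial, a controller that forgets to pass the namespace loses access instead of silently falling back to the most permissive rule.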

christhekeele commented 8 years ago

3.2.1 is out, bundle update authority should get you where you want to go.

Seybo commented 8 years ago

That is just great, @christhekeele. I'm on vacation now, so gonna try it in a week or so. Thanks a lot!