search

stffn / declarative_authorization

An unmaintained authorization plugin for Rails. Please fork to support current versions of Rails
MIT License
1.24k stars 231 forks source link

Can't have privileges with different conditions in the same permission block #195

Open zeiv opened 10 years ago

zeiv commented 10 years ago

For example, the following does not work:

has_permission_on :blog_posts do
    to :read
    to :manage do
        if_attribute blog: { user_id: is { user.id } }
    end
end

Instead, you have to do this, which is not as DRY (or readable):

has_permission_on :blog_posts, to: :read
has_permission_on :blog_posts, to: :manage do
    if_attribute blog: { user_id: is { user.id } }
end

Ideally, shouldn't all a role's privileges for an object be definable in one permission block?