Sha256: 62a74857a54a868f12c71de3d4de73e1fed2441cd9db9687a91b6853418097eb
Contents?: true
Size: 1.68 KB
Versions: 7
Compression:
Stored size: 1.68 KB
Contents
# Namespaces
Action Policy can lookup policies with respect to the current execution _namespace_ (i.e., authorization class module).
Consider an example:
```ruby
module Admin
class UsersController < ApplictionController
def index
# uses Admin::UserPolicy if any, otherwise fallbacks to UserPolicy
authorize!
end
end
end
```
Module nesting is also supported:
```ruby
module Admin
module Client
class UsersController < ApplictionController
def index
# lookup for Admin::Client::UserPolicy -> Admin::UserPolicy -> UserPolicy
authorize!
end
end
end
end
```
**NOTE**: to support namespaced lookup for non-inferrable resources,
you should specify `policy_name` at a class level (instead of `policy_class`, which doesn't take namespaces into account):
```ruby
class Guest < User
def self.policy_name
"UserPolicy"
end
end
```
**NOTE**: by default, we use class's name as a policy name; so, for namespaced resources, the namespace part is also included:
```ruby
class Admin
class User
end
end
# search for Admin::UserPolicy, but not for UserPolicy
authorize! Admin::User.new
```
You can access the current authorization namespace through `authorization_namespace` method.
You can also define your own namespacing logic by overriding `authorization_namespace`:
```ruby
def authorization_namespace
return ::Admin if current_user.admin?
return ::Staff if current_user.staff?
# fallback to current namespace
super
end
```
**NOTE**: namespace support is an extension for `ActionPolicy::Behaviour` and could be included with `ActionPolicy::Behaviours::Namespaced` (included into Rails controllers and channel integrations by default).
Version data entries
7 entries across 7 versions & 1 rubygems