README.md in jsonapi-authorization-0.6.1 vs README.md in jsonapi-authorization-0.8.0

- old
+ new

@@ -1,16 +1,31 @@
 # JSONAPI::Authorization
 
-[![Build Status](https://travis-ci.org/venuu/jsonapi-authorization.svg?branch=master)](https://travis-ci.org/venuu/jsonapi-authorization) [![Gem Version](https://badge.fury.io/rb/jsonapi-authorization.png)](http://badge.fury.io/rb/jsonapi-authorization)
+[![Build Status](https://img.shields.io/travis/venuu/jsonapi-authorization/master.svg?style=flat&maxAge=3600)](https://travis-ci.org/venuu/jsonapi-authorization) [![Gem Version](https://img.shields.io/gem/v/jsonapi-authorization.svg?style=flat&maxAge=3600)](https://rubygems.org/gems/jsonapi-authorization)
 
-`JSONAPI::Authorization` adds authorization to the [jsonapi-resources][jr] (JR) gem using [Pundit][pundit].
+**NOTE:** This README is the documentation for `JSONAPI::Authorization`. If you are viewing this at the
+[project page on Github](https://github.com/venuu/jsonapi-authorization) you are viewing the documentation for the `master`
+branch. This may contain information that is not relevant to the release you are using. Please see the README for the
+[version](https://github.com/venuu/jsonapi-authorization/releases) you are using.
 
-***PLEASE NOTE:*** This gem currently handles only a subset of operations available in JR. This gem is still considered to be ***alpha quality*** and therefore you shouldn't rely on it on production (yet).
+ ---
 
+`JSONAPI::Authorization` adds authorization to the [jsonapi-resources][jr] (JR) gem using [Pundit][pundit].
+
   [jr]: https://github.com/cerebris/jsonapi-resources "A resource-focused Rails library for developing JSON API compliant servers."
   [pundit]: https://github.com/elabs/pundit "Minimal authorization through OO design and pure Ruby classes"
 
+## Caveats
+
+Make sure to test for authorization in your application, too. We should have coverage of all operations, though. If that isn't the case, please [open an issue][issues].
+
+This gem should work out-of-the box for simple cases. The default authorizer might be overly restrictive for [more complex cases][complex-case].
+
+The API is subject to change between minor version bumps until we reach v1.0.0.
+
+  [complex-case]: https://github.com/venuu/jsonapi-authorization/issues/15
+
 ## Installation
 
 Add this line to your application's Gemfile:
 
 ```ruby
@@ -23,31 +38,47 @@
 
 Or install it yourself as:
 
     $ gem install jsonapi-authorization
 
+## Compatibility
+
+* `v0.6.x` supports JR `v0.7.x`
+* `v0.8.x` supports JR `v0.8.x`
+
+We aim to support the same Ruby and Ruby on Rails versions as `jsonapi-resources` does. If that's not the case, please [open an issue][issues].
+
 ## Usage
 
-Make sure you have a Pundit policy specified for every backing model that your JR resources use. Then hook this gem up to your application like so:
+First make sure you have a Pundit policy specified for every backing model that your JR resources use.
 
+Hook up this gem as the default processor for JR, and optionally allow rescuing from `Pundit::NotAuthorizedError` to output better errors for unauthorized requests:
+
 ```ruby
+# config/initializers/jsonapi-resources.rb
 JSONAPI.configure do |config|
-  config.operations_processor = :jsonapi_authorization
+  config.default_processor_klass = JSONAPI::Authorization::AuthorizingProcessor
+  config.exception_class_whitelist = [Pundit::NotAuthorizedError]
 end
 ```
 
-Make all your JR controllers specify the user in the `context` if you are using the default authorizer class (see [Configuration](#configuration) below):
+Make all your JR controllers specify the user in the `context` and rescue errors thrown by unauthorized requests:
 
 ```ruby
 class BaseResourceController < ActionController::Base
   include JSONAPI::ActsAsResourceController
+  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
 
   private
 
   def context
     {user: current_user}
   end
+
+  def user_not_authorized
+    head :forbidden
+  end
 end
 ```
 
 Have your JR resources include the `JSONAPI::Authorization::PunditScopedResource` module.
 
@@ -56,53 +87,32 @@
   include JSONAPI::Authorization::PunditScopedResource
   abstract
 end
 ```
 
-If you want to send a custom response for unauthorized requests, add a `rescue_from` hook to your `BaseResourceController` and whitelist `Pundit::NotAuthorizedError` in your JR configuration.
+## Configuration
 
-## Known bugs
+You can use a custom authorizer class by specifying a configure block in an initializer file. If using a custom authorizer class, be sure to require them at the top of the initializer before usage.
 
-There is a bug affecting `jsonapi-resources` error whitelisting, see https://github.com/cerebris/jsonapi-resources/pull/573. To make your whitelisting and `rescue_from` to work properly, here is a potential workaround:
-
 ```ruby
-JSONAPI.configure do |config|
-  config.exception_class_whitelist = [Pundit::NotAuthorizedError]
+JSONAPI::Authorization.configure do |config|
+  config.authorizer = MyCustomAuthorizer
 end
 ```
 
-```ruby
-class BaseResourceController < ActionController::Base
-  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
+## Troubleshooting
 
-  private
+### "Unable to find policy" exception for a request
 
-  # https://github.com/cerebris/jsonapi-resources/pull/573
-  def handle_exceptions(e)
-    if JSONAPI.configuration.exception_class_whitelist.any? { |k| e.class.ancestors.include?(k) }
-      raise e
-    else
-      super
-    end
-  end
+The exception might look like this for resource class `ArticleResource` that is backed by `Article` model:
 
-  def user_not_authorized
-    head :forbidden
-  end
-end
 ```
-
-## Configuration
-
-You can use a custom authorizer class by specifying a configure block in an initializer file. If using a custom authorizer class, be sure to require them at the top of the initializer before usage.
-
-```ruby
-JSONAPI::Authorization.configure do |config|
-  config.authorizer = MyCustomAuthorizer
-end
+unable to find policy `ArticlePolicy` for `Article'
 ```
 
+This means that you don't have a policy class created for your model. Create one and the error should go away.
+
 ## Development
 
 After checking out the repo, run `bundle install` to install dependencies. Then, run `bundle exec rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
@@ -112,5 +122,7 @@
 Originally based on discussion and code samples by [@barelyknown](https://github.com/barelyknown) and others in [cerebris/jsonapi-resources#16](https://github.com/cerebris/jsonapi-resources/issues/16).
 
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/venuu/jsonapi-authorization.
+
+  [issues]: https://github.com/venuu/jsonapi-authorization/issues