An little nicer way to handle authorization rules for your lucky app
-
Add the dependency to your
shard.yml
:dependencies: lucky_can: github: confact/lucky_can
-
Run
shards install
-
require "lucky_can"
-
create an
policies
directory where all your policies will be. Now you will Add an require for that directory to the app.cr file beforepages
require. Add this:require "./policies/**"
-
now you can create your policies in
policies
directory.
class TeamPolicy < LuckyCan::BasePolicy
can show, team, current_user do
return false if current_user.nil?
team.users.include?(current_user)
end
end
this generate following methods for you to use by an macro:
TeamPolicy.show?(team, current_user)
- for simple bool check if the user have access to the team.TeamPolicy.show_not_found?(team, current_user, context)
- Return an Lucky::RouteNotFoundError if the code in the block return false.TeamPolicy.show_forbidden?(team, current_user, context)
- Return an LuckyCan::ForbiddenError if the code in the block return false.
- Fork it (https://github.com/confact/lucky_can/fork)
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
- Håkan Nylén - creator and maintainer