Add support for custom policy namespace lookup from controllers and view...

[DanOlson]

...s. Fixes #178

[thomasklemm]

While I can see the need for that, it looks weird to me and I guess I'd forget the namespace sometimes (so it would error silently and pick the wrong policy). Can we make this easier to use? I guess we can assume that all policy calls in a template should start looking for a policy in the same namespace.

[DanOlson]

This doesn't change any existing behavior, it just allows for passing a custom namespace if one can't (or shouldn't) be inferred from the controller. I don't think it would silently pick the wrong policy any more often that it would currently.

[thomasklemm]

Well, authorize @record (in master) looks up the parent namespace: Source. We might be able to determine the namespace the view is rendered from via params[:controller], and pass it in. Behaves like authorize @record then.

[DanOlson]

The issue describes a problem where the Admin::Tag policy is desired from a non-namespaced controller TagsController. I've maintained the existing lookup of the parent namespace when one is not provided explicitly here.

But, I might be misunderstanding what you're saying.

[thomasklemm]

I'm saying that I'm not sure that self.class.parent will lead us to the namespace expected namespace when calling the policy helper from a view. Could you check whether this works at all with the current master?

[thomasklemm]

BTW, personally I'd prefer admin_policy(@record) over policy(@record, namespace: 'Admin') for use in the view. Since we won't generate that automatically, you should wrap policy yourself for your primary namespaces.

admin_policy(@record)

# e.g. app/helpers/policy_helper.rb
module PolicyHelper
  def admin_policy(record, options = {})
    policy(record, options.reverse_merge(namespace: 'Admin'))
  end
end

[thomasklemm]

Thanks Dan for this PR, it looks good 👍

[jnicklas]

Support for namespaces has been yanked. Closing.