module Pundit

def authorize(user, possibly_namespaced_record, query, policy_class: nil, cache: {})

Returns:
  • (Object) - Always returns the passed object record

Raises:
  • (NotAuthorizedError) - if the given query method returned a falsy value (false or nil)

Parameters:
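  • cache (#[], #[]=) -- a Hash-like object to cache the found policy instance in; entries are keyed by the record only, not by the user, so the cache should be scoped to a single user (for example, one per request)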
  • policy_class (Class) -- the policy class to use instead of the one looked up for the record; when given, the cache is neither read nor written
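  • query (Symbol, String) -- the predicate method to check on the policy (e.g. `:show?`); it is invoked with `public_send`, so it should be a fixed name chosen by the caller rather than a value taken directly from request input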
  • possibly_namespaced_record (Object, Array) -- the object we're checking permissions of
  • user (Object) -- the user that initiated the action
# Checks whether `user` may perform `query` on the given record and returns
# the record when the policy allows it.
#
# The policy is `policy_class.new(user, record)` when `policy_class` is given;
# otherwise it is looked up with `policy!` and memoised in `cache`.
#
# NOTE(review): cache entries are keyed by `possibly_namespaced_record` alone,
# while the policy is built for one specific `user`. A cache object shared
# between users would return the policy built for whoever filled it first, so
# keep the cache scoped to a single user.
#
# NOTE(review): `query` is dispatched with `public_send`, so any public method
# of the policy can be reached through it. Pass a fixed predicate name rather
# than a value taken directly from request input.
#
# @param user [Object] the user that initiated the action
# @param possibly_namespaced_record [Object, Array] the object being checked
# @param query [Symbol, String] the predicate method to call on the policy
# @param policy_class [Class, nil] policy class to use instead of the lookup
# @param cache [#[], #[]=] Hash-like store for the looked-up policy instance
# @raise [NotAuthorizedError] if the query method returns false or nil
# @return [Object] the record returned by `pundit_model`
def authorize(user, possibly_namespaced_record, query, policy_class: nil, cache: {})
  target = pundit_model(possibly_namespaced_record)

  policy_instance =
    if policy_class
      # An explicit policy class bypasses the cache entirely.
      policy_class.new(user, target)
    else
      cache[possibly_namespaced_record] ||= policy!(user, possibly_namespaced_record)
    end

  # Any truthy answer authorizes; false and nil both fall through to the raise.
  return target if policy_instance.public_send(query)

  raise NotAuthorizedError, query: query, record: target, policy: policy_instance
end