class Pundit::Context

def authorize(possibly_namespaced_record, query:, policy_class:)

Returns:

(Object) - Always returns the passed object record

Raises:

(NotAuthorizedError) - if the given query method returned false

Parameters:

policy_class (Class) -- the policy class we want to force use of
query (Symbol, String) -- the predicate method to check on the policy (e.g. `:show?`)
possibly_namespaced_record (Object, Array) -- the object we're checking permissions of

def authorize(possibly_namespaced_record, query:, policy_class:)
  record = pundit_model(possibly_namespaced_record)
  policy = if policy_class
    policy_class.new(user, record)
  else
    policy!(possibly_namespaced_record)
  end
  raise NotAuthorizedError, query: query, record: record, policy: policy unless policy.public_send(query)
  record
end

Instance Methods