-
Notifications
You must be signed in to change notification settings - Fork 40
Description
This relates to #32, but since it's been a couple years I thought it was worth opening a new issue.
I would LOVE it if access-granted could have a special "role" that is checked for nil current_user.
With the advice in #32, you can create a special NullUser, which is not so so bad, but you do have to keep it in sync with any possible methods on your real user you may reference in a role condition lambda.
I think there could be a pretty simple implementation in access-control that would save you from boilerplate code requiring ongoing maintenance -- for what I'd think would be a fairly common use case, I'm kind of surprised the authors and current users of access-granted haven't needed it.
If current_user is nil, assume no roles match, for present roles, short circuit it and don't try on nil.
But add some way to declare a "role" that looks just like current role definitions, but applies always and only when current_user is nil. It might be easiest to simply add new syntax:
nil_user_role do
can :read, Post do |post|
post.public?
end
end