-
Notifications
You must be signed in to change notification settings - Fork 40
Open
Description
I found what I think is an inconvenient inconsistency around inheritance; I also have a simple PR to fix it.
access_granted normally works great with inheritance. Imagine we have a Vehicle
and a Bicycle < Vehicle
. And we have a policy:
class AccessPolicy
include AccessGranted::Policy
role :user do
can :read, Vehicle
end
end
AccessPolicy.new(user).can? :read, Vehicle.new # true, of course
AccessPolicy.new(user).can? :read, Bicycle.new # still true, it works with the sub-class
But access_granted also has a convenient feature where you can check on the class instead of an instance, intended to be used with the meaning of sort of generic/any/all objects, like often for create
, but you can use it for anything:
AccessPolicy.new(user).can? :read, Vehicle # this is true too, okay
That one does NOT work with inheritance:
AccessPolicy.new(user).can? :read, Bicycle # FALSE
# I believe it should be true
I think this is a bug, or would be an improvement if above were true also. I think I have a simple PR to make it so.
Thoughts?
Metadata
Metadata
Assignees
Labels
No labels