Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Write documentation for authorization API #15

Open
th1agoalmeida opened this issue Oct 8, 2015 · 0 comments
Open

Write documentation for authorization API #15

th1agoalmeida opened this issue Oct 8, 2015 · 0 comments
Labels
Discussion Needed Doc Goal Authentication help wanted
Milestone
0.1.0

Comments

@th1agoalmeida
Copy link
Member

controllers/kicking_concern.rb implements all of our authorization logic in the following methods

kick dont_kick dont_kick_people

they should fall under Goal Authentication.
Please implement documentation anywhere on README.MD explaining how they work.

Do not care so much about where to place the content as it can be moved in the future.

all controllers inside app/controllers implement at least one of the three methods mentioned above.

they do a "pre-authorization" step based on the user model which can be easily...

  1. extended by altering user.rb (view issue Extract code from UserModelRoles #12 )
  2. extended or replaced by other authorization gems such as cancan, pundit etc...
  3. or both 😄

Also note they work at both instance and class level, wrapping a before_action call

Please also open any issues regarding the implementation of KickingConcern if you think it is suitable.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discussion Needed Doc Goal Authentication help wanted
Projects
None yet
Milestone
0.1.0
Development

No branches or pull requests
1 participant
@th1agoalmeida