Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@stephendolan
stephendolan authored May 6, 2023
1 parent b5f23f0 commit ffa60b3
Showing 1 changed file with 13 additions and 6 deletions.
19 changes: 13 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,28 +76,35 @@ The easiest way to create new policies is to use the built-in Lucky task! After

Your policies must inherit from the provided [`ApplicationPolicy(T)`](src/pundit/application_policy.cr) abstract class, where `T` is the model you are authorizing against.

For example, the `BookPolicy` we created with `lucky gen.policy Book` looks like this:
For example, the `BookPolicy` we created with `lucky gen.policy Book` might look like this:

```crystal
class BookPolicy < ApplicationPolicy(Book)
def index?
false
# If you want to either allow or deny all visitors, simply return `true` or `false`
true
end

def show?
false
# You can reference other methods if you want to share authorization between them
update?
end

def create?
false
# Only signed-in users can create books
return false unless signed_in_user = user
end

def update?
false
# Only the owner of a book can update it
return false unless requested_book = record

requested_book.owner == user
end

def delete?
false
# You can reference other methods if you want to share authorization between them
update?
end
end
```
Expand Down

0 comments on commit ffa60b3

Please sign in to comment.