Skip to content
This repository
Browse code

Won't implement.

This is impossible in some cases, hard in others,
and maybe be undesirably magical anyway.

For instance, if someone wanted to do
`link_to(@post)`, we could *maybe* determined the
controller action and method and figure out if
that's authorized or not. But if they do
`link_to ('Search', 'http://www.google.com')`,
there is truly no way for Authority to authorize
that. So `authorized_link_to` would not be usable
in that case, and it's unclear what it should do.

Finally, if the developer does the normal
`link_to(@post) if current_user.can_read?(@post)`,
it's clear to him/her how Authority will answer
that question. But with `authorized_link_to`,
there would be a layer of magic in determining
which permission to check, which would make this
harder to understand and debug.

So: not gonna do it.
  • Loading branch information...
commit a2b69de30c7bad160d92427fb1360daf92ed3d56 1 parent d56d78d
Nathan Long authored May 12, 2012

Showing 1 changed file with 0 additions and 1 deletion. Show diff stats Hide diff stats

  1. 1  TODO.markdown
1  TODO.markdown
Source Rendered
@@ -9,4 +9,3 @@
9 9
 
10 10
 ## Features
11 11
 
12  
-- It would be nice to have an `authorized_link_to` method, which determines from the given path and the user's permissions whether to show the link. Not sure yet how hard this would be.

0 notes on commit a2b69de

Please sign in to comment.
Something went wrong with that request. Please try again.