Using with Ruby applications

Action Policy is designed to be independent of any framework and does not have specific dependencies on Ruby on Rails.

You can write your policies for non-Rails applications the same way as you would do for Rails applications.

In order to have authorize! / allowed_to? / authorized methods, you will have to include ActionPolicy::Behaviour into your class (where you want to perform authorization):

class PostUpdateAction
  include ActionPolicy::Behaviour

  # provide authorization subject (performer)
  authorize :user

  attr_reader :user

  def initialize(user)
    @user = user
  end

  def call(post, params)
    authorize! post, to: :update?

    post.update!(params)
  end
end

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

non_rails.md

non_rails.md

Using with Ruby applications

Files

non_rails.md

Latest commit

History

non_rails.md

File metadata and controls

Using with Ruby applications