Putting scope inside a custom module
samsondav opened this issue · 1 comments
I see that the Bodyguard.scope/3 helper automagically infers the record name from the Ecto queryable. In order for that to work, our scope must actually be defined inside the Ecto record itself.
I feel like this is too restrictive and kind of a hack. It also leads to unnecessarily fattening Ecto records. Scoping doesn't belong there - for example, we'd like to define our scopes inside a dedicated Policy file for each record, along with it's authorization logic.
How do you feel about a Bodyguard.scope/4 helper that also takes as its argument the name of the module that defines the policy? I can submit a PR if you like.
I initially had scopes be separate modules/files from my Ecto models, and my directories quickly became bloated and difficult to navigate, so I consolidated both queries AND changesets into the schema.
You have two options here:
- In your schema,
defdelegate scope(user, action, params), to: Some.Other.Scope - When calling
Bodyguard.scope/3, pass theschemaoption to override the policy module –
docs - Don't use Bodyguard scoping at all and just define plain old scoping functions