cc @konung
I’ve taken a cursory look at LuckyCan, and it should be possible, even easy, to integrate with Shield.
Define your policies as usual with LuckyCan, and in any action, you can do:
def authorize? : Bool
#current_user!.level.admin? || post.user_id == current_user!.id
# Call the relevant authorization engine's helper here
# This is for *LuckyCan*, but could be *Praetorian* or similar
PostPolicy.create?(post, current_user!)
end
I should probably add this to the documentation.