From eb79568b87ee84e2403244f30206f7a96c4ac484 Mon Sep 17 00:00:00 2001
From: Lukas <lukas@slucky.de>
Date: Wed, 12 Oct 2022 18:52:11 +0200
Subject: [PATCH] docs: add gotcha for not allowed to get on users (#74)

---
 docs/gotchas.md | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/docs/gotchas.md b/docs/gotchas.md
index cecb65f..cf0caad 100644
--- a/docs/gotchas.md
+++ b/docs/gotchas.md
@@ -48,4 +48,34 @@ const ability = defineAbility((can, cannot) => {
   can("read", "users", ["id", "name", "email"], { id: { $ne: 1 } });
   can("read", "users", { id: user.id });
 });
-```
\ No newline at end of file
+```
+
+## You're not allowed to get on 'users'
+
+To prevent the error `You're not allowed to get on 'users'`, you need to define the abilities right after your `authenticate()` hook and before the `authorize()` hook for the `get` method of the user service.
+
+```js
+// src/services/users/users.hooks.js
+
+module.exports = {
+  before: {
+    get: [
+      authenticate('jwt'),
+      
+      // Add this to set abilities, if a user exists
+      context => {
+        if (context.params.ability) { return context; }
+        const { user } = context.params
+        if (user) context.params.ability = defineAbilitiesFor(user)
+        return context
+      }
+
+      authorize({ adapter: 'feathers-mongoose' }),
+    ]
+
+    // ...
+  },
+
+  // ...
+};
+```