From 462bcc7a76f4de8c34aef48969d7e773f46d0e22 Mon Sep 17 00:00:00 2001 From: Pantelis Vratsalis Date: Fri, 6 Mar 2015 09:52:54 +0200 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9f570d7..599f112 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ class PostPolicy < DeadSimpleAuthorization::Policy::Base end ``` -That's it! Now, by including DeadSimpleAuthorization::Helpers in a controller for example, we can check permissions with either can? or authorize method this way: +Note that the Policy objects are instantiated with user and resource, so in this case user holds the user passed to the can? or authorize methods and resource a Post instance. That's it! Now, by including DeadSimpleAuthorization::Helpers in a controller for example, we can check permissions with either can? or authorize method this way: ```ruby can?(current_user, :update, post)