graphiti-api · Zooip · Jul 20, 2022 · Jul 20, 2022
diff --git a/_site/guides/concepts/resources.html b/_site/guides/concepts/resources.html
@@ -231,12 +231,17 @@ <h4>
 <span class="k">end</span></code></pre></figure>
 
   <p>When guarding the <code class="highlighter-rouge">:readable</code> flag, the method can optionally accept the
-model instance being serialized as an argument:</p>
+model instance and the name of the attribute being serialized as arguments:</p>
 
   <figure class="highlight"><pre><code class="language-ruby" data-lang="ruby"><span class="n">attribute</span> <span class="ss">:name</span><span class="p">,</span> <span class="ss">:string</span><span class="p">,</span> <span class="ss">readable: :allowed?</span>
+<span class="n">attribute</span> <span class="ss">:age</span><span class="p">,</span> <span class="ss">:integer</span><span class="p">,</span> <span class="ss">readable: :attribute_allowed?</span>
 
 <span class="k">def</span> <span class="nf">allowed?</span><span class="p">(</span><span class="n">model_instance</span><span class="p">)</span>
   <span class="n">model_instance</span><span class="p">.</span><span class="nf">internal</span> <span class="o">==</span> <span class="kp">false</span>
+<span class="k">end</span>
+
+<span class="k">def</span> <span class="nf">attribute_allowed?</span><span class="p">(</span><span class="n">model_instance</span><span class="p">,</span> <span class="n">attribute_name</span><span class="p">)</span>
+  <span class="no">PolicyChecker</span><span class="p">.</span><span class="nf">new</span><span class="p">(</span><span class="n">model_instance</span><span class="p">).</span><span class="nf">attribute_readable?</span><span class="p">(</span><span class="n">attribute_name</span><span class="p">)</span>
 <span class="k">end</span></code></pre></figure>
 
 <a class="anchor" id="default-behavior" />
@@ -256,6 +261,16 @@ <h4>
 <span class="nb">self</span><span class="p">.</span><span class="nf">attributes_sortable_by_default</span> <span class="o">=</span> <span class="kp">false</span> <span class="c1"># default true</span>
 <span class="nb">self</span><span class="p">.</span><span class="nf">attributes_schema_by_default</span> <span class="o">=</span> <span class="kp">false</span> <span class="c1"># default true</span></code></pre></figure>
 
+  <p>As for resource defined guards, you can pass a symbol to guard the
+behavior globally. This can be used to globally delegate access control to a
+dedicated system.</p>
+
+  <figure class="highlight"><pre><code class="language-ruby" data-lang="ruby"><span class="nb">self</span><span class="p">.</span><span class="nf">attributes_readable_by_default</span> <span class="o">=</span> <span class="ss">:attribute_readable?</span> <span class="c1"># default true</span>
+
+<span class="k">def</span> <span class="nf">attribute_readable?</span><span class="p">(</span><span class="n">model_instance</span><span class="p">,</span> <span class="n">attribute_name</span><span class="p">)</span>
+  <span class="no">PolicyChecker</span><span class="p">.</span><span class="nf">new</span><span class="p">(</span><span class="n">model_instance</span><span class="p">).</span><span class="nf">attribute_readable?</span><span class="p">(</span><span class="n">attribute_name</span><span class="p">)</span>
+<span class="k">end</span></code></pre></figure>
+
 <a class="anchor" id="customizing-display" />
   <a class="header" href="#customizing-display">
     <h4>
@@ -1337,7 +1352,7 @@ <h4>
 
   <figure class="highlight"><pre><code class="language-ruby" data-lang="ruby"><span class="k">class</span> <span class="nc">Employee</span> <span class="o">&lt;</span> <span class="no">ApplicationRecord</span>
   <span class="n">has_many</span> <span class="ss">:team_memberships</span>
-  <span class="n">has_many</span> <span class="ss">:teams</span><span class="p">,</span> <span class="n">through</span> <span class="ss">:team_memberships</span>
+  <span class="n">has_many</span> <span class="ss">:teams</span><span class="p">,</span> <span class="ss">through: :team_memberships</span>
 <span class="k">end</span>
 
 <span class="k">class</span> <span class="nc">TeamMembership</span> <span class="o">&lt;</span> <span class="no">ApplicationRecord</span>

diff --git a/guides/concepts/resources.md b/guides/concepts/resources.md
@@ -113,14 +113,19 @@ end
 {% endhighlight %}
 
 When guarding the `:readable` flag, the method can optionally accept the
-model instance being serialized as an argument:
+model instance and the name of the attribute being serialized as arguments:
 
 {% highlight ruby %}
 attribute :name, :string, readable: :allowed?
+attribute :age, :integer, readable: :attribute_allowed?
 
 def allowed?(model_instance)
   model_instance.internal == false
 end
+
+def attribute_allowed?(model_instance, attribute_name)
+  PolicyChecker.new(model_instance).attribute_readable?(attribute_name)
+end
 {% endhighlight %}
 
 {% include h.html tag="h4" text="2.2 Default Behavior" a="default-behavior" %}
@@ -137,6 +142,18 @@ self.attributes_sortable_by_default = false # default true
 self.attributes_schema_by_default = false # default true
 {% endhighlight %}
 
+As for resource defined guards, you can pass a symbol to guard the
+behavior globally. This can be used to globally delegate access control to a
+dedicated system.
+
+{% highlight ruby %}
+self.attributes_readable_by_default = :attribute_readable? # default true
+
+def attribute_readable?(model_instance, attribute_name)
+  PolicyChecker.new(model_instance).attribute_readable?(attribute_name)
+end
+{% endhighlight %}
+
 {% include h.html tag="h4" text="2.3 Customizing Display" a="customizing-display" %}
 
 Pass a block to `attribute` to customize display: