def can(user, action, subject): """Checks if a given user has the ability to perform the action on a subject :param user: A user object :param action: an action string, typically 'read', 'edit', 'manage'. Use bouncer.constants for readability :param subject: the resource in question. Either a Class or an instance of a class. Pass the class if you want to know if the user has general access to perform the action on that type of object. Or pass a specific object, if you want to know if the user has the ability to that specific instance :returns: Boolean """ ability = Ability(user, get_authorization_method()) return ability.can(action, subject)
def can(self, action, subject): ability = Ability(self, get_authorization_method()) return ability.can(action, subject)