<p>I think so, and long term it should mean we can get rid of <code>setup_user_auth</code> and having to remember to call it on requests that may need to be authorised and just have the CanCan setup trigger the checks automatically.</p>
<p>Fully achieving that will require also handling basic auth when setting up abilities. Plus we'll have to figure out what to do with the user blocks check...</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2023#issuecomment-432694867">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABWnLcC7sCPvZiSJjL1PVPI_qHu9U3dTks5uoIDegaJpZM4XVheR">mute the thread</a>.<img src="https://github.com/notifications/beacon/ABWnLWWuzmWQupGqax891Mg4c9t9g9XDks5uoIDegaJpZM4XVheR.gif" height="1" width="1" alt="" /></p>
<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/openstreetmap/openstreetmap-website","title":"openstreetmap/openstreetmap-website","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/openstreetmap/openstreetmap-website"}},"updates":{"snippets":[{"icon":"PERSON","message":"@tomhughes in #2023: I think so, and long term it should mean we can get rid of `setup_user_auth` and having to remember to call it on requests that may need to be authorised and just have the CanCan setup trigger the checks automatically.\r\n\r\nFully achieving that will require also handling basic auth when setting up abilities. Plus we'll have to figure out what to do with the user blocks check..."}],"action":{"name":"View Pull Request","url":"https://github.com/openstreetmap/openstreetmap-website/pull/2023#issuecomment-432694867"}}}</script>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/pull/2023#issuecomment-432694867",
"url": "https://github.com/openstreetmap/openstreetmap-website/pull/2023#issuecomment-432694867",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
},
{
"@type": "MessageCard",
"@context": "http://schema.org/extensions",
"hideOriginalBody": "false",
"originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB",
"title": "Re: [openstreetmap/openstreetmap-website] WIP: Move to CanCanCan for authorization (#2023)",
"sections": [
{
"text": "",
"activityTitle": "**Tom Hughes**",
"activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png",
"activitySubtitle": "@tomhughes",
"facts": [

]
}
],
"potentialAction": [
{
"name": "Add a comment",
"@type": "ActionCard",
"inputs": [
{
"isMultiLine": true,
"@type": "TextInput",
"id": "IssueComment",
"isRequired": false
}
],
"actions": [
{
"name": "Comment",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"IssueComment\",\n\"repositoryFullName\": \"openstreetmap/openstreetmap-website\",\n\"issueId\": 2023,\n\"IssueComment\": \"{{IssueComment.value}}\"\n}"
}
]
},
{
"name": "Close pull request",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"PullRequestClose\",\n\"repositoryFullName\": \"openstreetmap/openstreetmap-website\",\n\"pullRequestId\": 2023\n}"
},
{
"targets": [
{
"os": "default",
"uri": "https://github.com/openstreetmap/openstreetmap-website/pull/2023#issuecomment-432694867"
}
],
"@type": "OpenUri",
"name": "View on GitHub"
},
{
"name": "Unsubscribe",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 391518097\n}"
}
],
"themeColor": "26292E"
}
]</script>