Complex authorization rules defined with boolean expressions are hard to debug and don't allow us to tell users _why_ they can't perform a task.

That's what pundit and activepolicy rely on, though. Maybe cancan did better?

I put together a little something to define rules and compose them so that we can introspect them. WDYT?

https://gist.github.com/pcreux/16c7689cb2c5a6d28def22609bc26089
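A sketch of the idea in the post, added here as an illustration (it is not the code from the linked gist): rules are objects that compose with `&` and `|`, and evaluating one returns the failed leaf rules as reasons instead of a bare boolean. The `Rule`, `All`, `Any` and `Result` classes, the sample rules and the `User`/`Post` structs are all hypothetical names made up for this example.

```ruby
# Added illustration, not the gist's code: every name here is hypothetical.
Result = Struct.new(:allowed, :reasons)

class Rule
  def initialize(reason, &check)
    @reason, @check = reason, check
  end

  # A leaf rule either passes or fails with its own human-readable reason.
  def call(user, record)
    @check.call(user, record) ? Result.new(true, []) : Result.new(false, [@reason])
  end

  def &(other)
    All.new(self, other)
  end

  def |(other)
    Any.new(self, other)
  end
end

class All < Rule
  def initialize(*rules)
    @rules = rules
  end

  # No short-circuit: every rule runs so that all failures are reported.
  def call(user, record)
    failed = @rules.map { |r| r.call(user, record) }.reject(&:allowed)
    Result.new(failed.empty?, failed.flat_map(&:reasons))
  end
end

class Any < All
  # Allowed if one branch passes; otherwise report why each branch failed.
  def call(user, record)
    results = @rules.map { |r| r.call(user, record) }
    return Result.new(true, []) if results.any?(&:allowed)
    Result.new(false, ["none of: " + results.flat_map(&:reasons).join("; ")])
  end
end

# Constructed sample domain and rules.
User = Struct.new(:id, :role, :suspended)
Post = Struct.new(:author_id, :locked)
ACTIVE   = Rule.new("your account is suspended") { |u, _| !u.suspended }
ADMIN    = Rule.new("you are not an admin") { |u, _| u.role == :admin }
AUTHOR   = Rule.new("you are not the author") { |u, p| p.author_id == u.id }
UNLOCKED = Rule.new("the post is locked") { |_, p| !p.locked }
CAN_EDIT = ACTIVE & (ADMIN | (AUTHOR & UNLOCKED))
```

Because `All` and `Any` evaluate every branch to collect reasons, the checks must be side-effect free, and the reasons shown to a user should not reveal anything about the record that the user is not allowed to know.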