sergii · June 11, 2021 13:21
diff --git a/intersection_authorize.rb b/intersection_authorize.rb
 class PaymentsController < AuthenticatedController
  before_action { authorize!(roles: [:superuser], abilities: [:charge_user, :manage_payments]) }
 end

 class AuthenticatedController < ApplicationController
  def authorize!(roles: [], abilities: [])
    # current
    (roles & current_user.roles).any? || (abilities & current_user.abilities).any?
    
    # desired
    roles.intersect?(current_user.roles) || abilities.intersect?(current_user.abilities)
  end
 end
	class PaymentsController < AuthenticatedController
	before_action { authorize!(roles: [:superuser], abilities: [:charge_user, :manage_payments]) }
	end

	class AuthenticatedController < ApplicationController
	def authorize!(roles: [], abilities: [])
	# current
	(roles & current_user.roles).any? \|\| (abilities & current_user.abilities).any?

	# desired
	roles.intersect?(current_user.roles) \|\| abilities.intersect?(current_user.abilities)
	end
	end