update documentation on overriding authorize for namespaced policies

[wrkrb33]

The docs recommend overriding the authorize helper for controllers using namespaced policies like so:

  def authorize(record, query = nil)
    super([:admin, record], query)
  end

In my experience this worked fine under ruby 2.x, but is problematic (e.g., ignores policy_class arguments, which I need to avoid having pundit look for subclass-specific polices when using rails STI) under 3.x. I think what is actually needed is:

  def authorize(record, query = nil, policy_class: nil)
    super([:admin, record], query, policy_class: policy_class)
  end

or more generally and probably better:

  def authorize(record, query = nil, **kwargs)
    super([:admin, record], query, **kwargs)
  end

[Burgestrand]

Ah yes, I believe you're correct.

We had a discussion where I wrote a lengthy reply on a possible approach that does something very much like what you're suggesting. The discussion itself was about a heavy namespacing usage, but what I suggested there is not far from what the README could suggest: #821 (comment)