From 22cbd11b05bc0f156e038a1e29d7035e4f66fcc2 Mon Sep 17 00:00:00 2001
From: Alexandre Narbonne <alexandre.narbonne@gadz.org>
Date: Mon, 22 Feb 2016 16:22:45 +0100
Subject: [PATCH] Add data to create authorization

---
 lib/jsonapi/authorization/authorizing_operations_processor.rb | 3 ++-
 lib/jsonapi/authorization/default_pundit_authorizer.rb        | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/jsonapi/authorization/authorizing_operations_processor.rb b/lib/jsonapi/authorization/authorizing_operations_processor.rb
index 8722e428..4b20a213 100644
--- a/lib/jsonapi/authorization/authorizing_operations_processor.rb
+++ b/lib/jsonapi/authorization/authorizing_operations_processor.rb
@@ -86,8 +86,9 @@ def authorize_replace_fields
 
       def authorize_create_resource
         source_class = @operation.resource_klass._model_class
+        data = @operation.data
 
-        authorizer.create_resource(source_class, related_models)
+        authorizer.create_resource(source_class, related_models, data)
       end
 
       def authorize_remove_resource
diff --git a/lib/jsonapi/authorization/default_pundit_authorizer.rb b/lib/jsonapi/authorization/default_pundit_authorizer.rb
index e21b4bf1..302ea9d2 100644
--- a/lib/jsonapi/authorization/default_pundit_authorizer.rb
+++ b/lib/jsonapi/authorization/default_pundit_authorizer.rb
@@ -107,7 +107,7 @@ def replace_fields(source_record, new_related_records)
       # * +related_records+ - An array of records to be associated to the new
       #   record. This will contain the records specified in the
       #   "relationships" key in the request
-      def create_resource(source_class, related_records)
+      def create_resource(source_class, related_records, data)
         ::Pundit.authorize(user, source_class, 'create?')
 
         related_records.each do |record|