Injects route parameters into action authorize

src/Concerns/ValidateActions.php

@@ -133,8 +133,12 @@ protected function getErrorBag(Validator $validator): string
     protected function inspectAuthorization(): Response
     {
         try {
+            $routeParameters = method_exists($this, 'route') ? $this->route()->parameters() : null;
+
             $response = $this->hasMethod('authorize')
-                ? $this->resolveAndCallMethod('authorize')
+                ? ($routeParameters
+                    ? $this->resolveAndCallMethod('authorize', $routeParameters)
+                    : $this->resolveAndCallMethod('authorize'))
                 : true;
         } catch (AuthorizationException $e) {
             return $e->toResponse();

tests/AsControllerWithAuthorizeAndRulesTest.php

@@ -32,9 +32,25 @@ public function handle(ActionRequest $request)
     }
 }
 
+class AsControllerWithAuthorizeBindingsTest
+{
+    use AsController;
+
+    public function authorize(string $someRouteParameter): bool
+    {
+        return $someRouteParameter !== 'unauthorized';
+    }
+
+    public function handle(ActionRequest $request, string $someRouteParameter)
+    {
+        return [$someRouteParameter];
+    }
+}
+
 beforeEach(function () {
     // Given the action is registered as a controller.
     Route::post('/calculator', AsControllerWithAuthorizeAndRulesTest::class);
+    Route::get('/authorize-bindings/{someRouteParameter}', AsControllerWithAuthorizeBindingsTest::class);
 });
 
 it('passes authorization and validation', function () {
@@ -86,3 +102,8 @@ public function handle(ActionRequest $request)
     $this->post('/calculator', ['operation' => 'invalid'])
         ->assertSessionHasErrors(['operation', 'right', 'left']);
 });
+
+it('resolves route parameters as authorization arguments', function () {
+    $this->get('/authorize-bindings/authorized')->assertOk()->assertExactJson(['authorized']);
+    $this->get('/authorize-bindings/unauthorized')->assertForbidden();
+});