fix: implicit_authorization on default authorization service

app/controllers/avo/associations_controller.rb

@@ -154,7 +154,7 @@ def authorize_if_defined(method, record = @record)
 
       if @authorization.has_method?(method.to_sym)
         @authorization.authorize_action method.to_sym
-      elsif Avo.configuration.authorization_client.present? && Avo.configuration.implicit_authorization
+      elsif [email protected]_a?(Avo::Services::AuthorizationService) && Avo.configuration.implicit_authorization
         raise Avo::NotAuthorizedError.new
       end
     end

lib/avo/concerns/checks_assoc_authorization.rb

@@ -34,8 +34,10 @@ def authorize_association_for(policy_method)
 
         if service.has_method?(method_name, raise_exception: false)
           service.authorize_action(method_name, record:, raise_exception: false)
-        else
+        elsif !service.is_a?(Avo::Services::AuthorizationService)
           !Avo.configuration.implicit_authorization
+        else
+          true
         end
       end
     end

lib/avo/fields/has_base_field.rb

@@ -99,8 +99,10 @@ def authorized?
 
         if service.has_method? method
           service.authorize_action(method, raise_exception: false)
-        else
+        elsif !service.is_a?(Avo::Services::AuthorizationService)
           !Avo.configuration.implicit_authorization
+        else
+          true
         end
       end
 

spec/dummy/config/initializers/avo.rb

@@ -32,6 +32,8 @@
   config.locale = :en
   # config.raise_error_on_missing_policy = true
   # config.authorization_client = "Avo::Services::AuthorizationClients::ExtraPunditClient"
+  # Shouldn't impact on community only if custom authorization service was configured.
+  config.implicit_authorization = true
 
   ## == Customization ==
   config.id_links_to_resource = true