I see that the Bodyguard.scope/3 helper automagically infers the record name from the Ecto queryable. In order for that to work, our scope must actually be defined inside the Ecto record itself.

I feel like this is too restrictive and kind of a hack. It also leads to unnecessarily fattening Ecto records. Scoping doesn't belong there - for example, we'd like to define our scopes inside a dedicated Policy file for each record, along with it's authorization logic.

How do you feel about a Bodyguard.scope/4 helper that also takes as its argument the name of the module that defines the policy? I can submit a PR if you like.

I initially had scopes be separate modules/files from my Ecto models, and my directories quickly became bloated and difficult to navigate, so I consolidated both queries AND changesets into the schema.

You have two options here:

• In your schema, defdelegate scope(user, action, params), to: Some.Other.Scope
• When calling Bodyguard.scope/3, pass the schema option to override the policy module –
  docs
• Don't use Bodyguard scoping at all and just define plain old scoping functions