# `AshGrant.Explainer`
[🔗](https://github.com/jhlee111/ash_grant/blob/v0.14.1/lib/ash_grant/explainer.ex#L1)

Provides detailed explanations of authorization decisions.

This module is the implementation behind `AshGrant.explain/4`.
It evaluates permissions and builds an `AshGrant.Explanation` struct
with full details about why access was allowed or denied.

# `explain`

```elixir
@spec explain(module(), atom(), term(), map()) :: AshGrant.Explanation.t()
```

Explains an authorization decision for a resource and action.

Returns an `AshGrant.Explanation` struct with:
- The final decision (`:allow` or `:deny`)
- All matching permissions with their metadata
- All evaluated permissions with match status
- Scope information from both permissions and DSL
- Reason for denial if applicable

## Examples

    iex> AshGrant.Explainer.explain(MyApp.Post, :read, actor)
    %AshGrant.Explanation{decision: :allow, ...}

    iex> AshGrant.Explainer.explain(MyApp.Post, :read, nil)
    %AshGrant.Explanation{decision: :deny, reason: :no_matching_permissions}

---

*Consult [api-reference.md](api-reference.md) for complete listing*