I am trying to make an app in Rails 4.
I am trying to use pundit gem for authorisations.
I have an organisation model, a preference model and a user model.
The associations are:
User.rb
has_one :organisation
Organisation.rb
belongs_to :user
has_one :preference
Preference.rb
belongs_to :organisation
In my preference policy, I am trying to set the update action, so that if the current user is the user whose id is stored in the organisation table to which the preference belongs, then the permission is granted.
I am trying:
class PreferencePolicy < ApplicationPolicy
def update?
user.present? && user.id == preference.organisation.user_id
# atrue
end
I have also tried:
def update?
user.present? && user == preference.organisation.user
# atrue
end
def update?
user.present? && user == @preference.organisation.user
# atrue
end
Each of these give an error message that says:
undefined method `organisation' for :preference:Symbol
I don't know what this message means. I can see in the console that organisation id is stored in the preference table.
I have not added the :organisation_id attribute to the strong params method in my preferences controller. This is because users should not be able to set that value themselves. It happens because the user is appointed in another model (which the admin controls).
Can anyone see what I'm doing wrong?
I have an application policy with:
def initialize(user, record)
@user = user
@record = record
end
Then in preference policy, I have:
def preference
record
end
