Sorry, I didn't see another place to ask a question about Pundit... Thank you for your help.

I am working on a Ruby on Rails API and I would like to create a URL (.../api/v1/attractions/fr) to list some information about one of my models. But I've got this error message from Pundit:

Pundit::AuthorizationNotPerformedError at /api/v1/attractions/fr Api::V1::AttractionsController

and this error for verify_authorized in the lib/pundit.rb file

def verify_authorized
    raise AuthorizationNotPerformedError, self.class unless pundit_policy_authorized?
end

This is my configuration:

# app/config/routes.rb

namespace :api, defaults: { format: :json } do
  namespace :v1 do
    resources :lines, only: [ :index, :show ] do
      collection do
        get '/fr', to: 'attractions#index_fr'
      end
    end
  end
end

# app/controllers/api/v1/attractions_controller.rb

class Api::V1::AttractionsController < Api::V1::BaseController
  skip_before_action :authenticate_user!

  def index
    @attractions = policy_scope(Attraction)
    @attractions = Attraction.all
  end

  def index_fr
    @attractions = policy_scope(Attraction)
    @attractions = Attraction.all
  end
end

# app/policies/application_policy.rb

class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    @user = user
    @record = record
  end

  def index?
    false
  end

  def index_fr?
    false
  end

  def create?
    false
  end

  def new?
    create?
  end

  def update?
    false
  end

  def edit?
    update?
  end

  def destroy?
    false
  end

  def scope
    Pundit.policy_scope!(user, record.class)
  end

  class Scope
    attr_reader :user, :scope

    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      scope
    end
  end
end

1 Answer

Try adding before_filter :skip_authorization to your api controller.

However the pundit verify_authorized method should only be called if you've added it as an after_action.

Scott
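The behaviour discussed in the question and answer above, as an added Ruby example that is not part of the original posts and is not Pundit's own code: `MiniPundit` is a simplified stand-in for Pundit's controller helpers, and `AttractionPolicy`, `run` and the sample data are assumptions made for illustration. It shows that `policy_scope` alone does not satisfy `verify_authorized`, while `authorize` or `skip_authorization` does.

```ruby
# Simplified stand-in for Pundit's controller helpers, constructed for this
# example (not Pundit's source) so the flow runs without Rails or the gem.
module MiniPundit
  class AuthorizationNotPerformedError < StandardError; end
  class NotAuthorizedError < StandardError; end
  def authorize(record, query)
    @authorized = true
    policy = AttractionPolicy.new(current_user, record)
    raise NotAuthorizedError, query.to_s unless policy.public_send(query)
    record
  end

  def policy_scope(scope) # records scoping only, never authorization
    @scoped = true
    scope
  end

  def skip_authorization # explicit opt-out for deliberately public actions
    @authorized = :skipped
  end

  def verify_authorized # what `after_action :verify_authorized` runs
    raise AuthorizationNotPerformedError, self.class.name unless @authorized
  end
end

# Hypothetical policy: the French listing is public, destroy is denied.
AttractionPolicy = Struct.new(:user, :record) do
  def index_fr?; true; end
  def destroy?; false; end
end

class AttractionsController
  include MiniPundit
  def current_user; nil; end # authenticate_user! is skipped, so no user

  # Runs an action body, then the after_action check; returns the outcome.
  def run(&action)
    @authorized = @scoped = nil
    instance_eval(&action)
    verify_authorized
    :ok
  rescue AuthorizationNotPerformedError, NotAuthorizedError => e
    e.class.name.split("::").last.to_sym
  end
end

ATTRACTIONS = %w[louvre eiffel].freeze # constructed sample records
p AttractionsController.new.run { policy_scope(ATTRACTIONS) }
```

In the real controller the equivalent is calling `authorize Attraction` inside `index_fr` (with an `AttractionPolicy#index_fr?` that returns true for anonymous users) or calling `skip_authorization` there.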