0

From what I understand of Pundit so far, it is geared more toward allowing the current user to perform certain actions on certain controllers, but how is it possible to extend this to cover if the user is part of a team or group that that would allow them certain actions? Or for one user to allow another user certain actions on, say, a post they created?

I like the idea of Pundit being "plain old ruby object" but I am open to working with another gem that may simplify how to do what I'm looking for. I have found a gem, Groupify (https://github.com/dwbutler/groupify), that seems to have gone cold for the past several months. I do have a requirement that anything I implement must be actively maintained so that one is disqualified. Does anything similar come to mind?

chrickso
  • 2,994
  • 5
  • 30
  • 53
  • Just anecdotal regarding a gem that has "gone cold": sometimes, things become stable and feature-complete :) – Josh Brody Jan 17 '18 at 21:56
  • with a couple dozen open issues though? it's nice to know that if an issue does pop up there is someone around to hopefully work through it. – chrickso Jan 17 '18 at 22:08
  • 1
    Issues aren't always indicative of actual issues. Hell, rails/rails has 365 open "issues" right now. – Josh Brody Jan 17 '18 at 22:12
  • 1
    it also doesn't prevent you from contributing your own code :) – Josh Brody Jan 17 '18 at 22:12
  • I am sorry but your question is unclear to me. Is your question about how to implement the parts in Pundit? Or do you want to know how to implement groups or a grant right feature (including models, controllers, etc)? If you already have groups and right grants in place then please show your code. – spickermann Jan 18 '18 at 06:22
  • any documentation on pundit i have found is focused around verifying a single user is the owner of the post being viewed/updated. i'm questioning what is the general workflow of granting permissions to a user or group that is not the original-poster. can pundit handle this on it's own or does it need additional gems/setup? there is surprisingly few resources to be found for how to implement a dynamic permissions system with rails. – chrickso Jan 18 '18 at 15:59

1 Answers1

0

use cancancan gem. This is the great solution for permission.

Sergio Belevskij
  • 2,478
  • 25
  • 24