Questions tagged [pundit]

Pundit provides a set of helpers that guide Ruby programmers in leveraging regular Ruby classes and object-oriented design patterns to build a simple, robust and scalable authorization system.

439 questions

1 vote, 0 answers

How to mock or set up current_user in Sinatra using Pundit for unit testing?

In my app.rb file I have the following setup for current_user: class Application < Sinatra::Base include Pundit use JWTAuthorization def current_user env[:user] end delete '/users/:user_id' do user =…
Marcelo Fonseca

1 vote, 2 answers

Rails API: Use Pundit outside controllers - in rake tasks

I'm using Pundit in some Rails API controllers and wonder how it will work/escaped outside of it, for example in Rake tasks. I haven't played around with it yet. Can we skip the authorization in a Rake task? In this case, it will be run as ActiveJob…
belgoros

1 vote, 2 answers

How to use Pundit policy for two different models?

I have three models. User has_many :projects Project has_many :users Website belongs_to :project has_many :users I also use Active Admin and Pundit to manage my project and permissions. I need to control users to reach website objects if…

1 vote, 0 answers

Setting up rails_admin with Pundit 2 - do I need the rails_admin_pundit gem? How to do without?

I'm introducing the RailsAdmin gem in my app. I already use Pundit 2 for authorization. I'd like to use Pundit to deal with authorization – for now, simply give every admin the access to RailsAdmin, and keep other users out. In the future, it may be…
vindve

1 vote, 1 answer

Pundit: how to give the possibility to the user to have access either to all the gardens or only to his own?

I'm trying to define 2 possible indexes for the users, to give them either the possibility to have access to all the published gardens or only to the ones they published on their own (2 different pages). I am completely lost when doing it with Pundit…
Julie

1 vote, 1 answer

Getting error when trying to create a user after installing pundit

I get the following error whenever I try to create a new user after I installed pundit within my project. It seems as if it can't find pundit, even though I installed it and included the gem and ran bundle install. app_1 |…
razvanusc

1 vote, 1 answer

Pundit keeps asking me to be logged in

I am building a simple website where people can upload their poems and write new ones. I am trying to use Pundit so that: Everyone can see all the poems/poetries (in index); Only logged in user can create a poetry; Only the user who create the…
Magofoco

1 vote, 1 answer

How to use Pundit to authorize admin users to see delayed job web?

I am very new to Rails and Ruby but I am involved in a project as a trainee, which uses Pundit for authorization of users. Our project uses the delayed_job_active_record gem and I wanted to add delayed_job_web for a quick and easy view of jobs. I can…

1 vote, 1 answer

I need to override pundit scope but I don't know how to

I have a question about Pundit. Basically I want to do this: class Scope < Scope def resolve scope.select {|employee| (employee.restaurant == @restaurant) && employee.actif} end end but I don't know how I can pass @restaurant from my…
Maxim

1 vote, 1 answer

Company-specific user permissions in a rails application

My application uses Devise for authentication, CanCanCan for authorization, and RailsAdmin for admin. Currently there are users who are considered "admins" and they can access anything in the application, and there are a couple other types of users…

1 vote, 1 answer

How do I write a request RSpec for a request that should fail behind Pundit's authorization mechanism?

I set up Pundit to guard a bunch of request paths, and it's working fine. In particular, if I hit /api/users/:id with a PATCH request, passing the relevant parameters, I get a 403 if I'm not authenticated. Then I wrote this spec context 'When logged…
Morpheu5

1 vote, 1 answer

Ruby loads the methods at run time or compile?

I'm working on a platform and they asked me to integrate the Pundit gem. When creating a policy I realized that many methods had the same access control policy. Example: Action1: Only accessible by the administrator or owner of the resource Action2:…

1 vote, 1 answer

Pundit and ActiveRecord merged joins

I am using the Pundit gem to role scope my application and have found some difficulties merging ActiveRecord queries. I am working with Rails 5.1.4. See I have three models, let's say Classroom, Student and Exam with: Classroom has_many :students &…

1 vote, 2 answers

How to write a Pundit policy with 3 or statements?

I have a Pundit policy that's working properly, but the way I've written it doesn't seem to be the "best" way to express this. It's a policy with three "or" statements. Here's the code: def update? user.admin? or user.moderator? || user.id ==…
Lee McAlilly

1 vote, 1 answer

Pundit AuthorizationNotPerformedError/PolicyScopingNotPerformedError

I'm new with the Pundit gem and I'm stuck on something. I try to show a list with multiple records but I always get the error AuthorizationNotPerformedError. What do I do wrong? Controller: def planning @plans = Order.all authorize…
F. LK