Questions tagged [pundit]

Pundit provides a set of helpers that guide Ruby programmers in leveraging regular Ruby classes and object-oriented design patterns to build a simple, robust and scalable authorization system.

439 questions
1 vote, 0 answers

Undefined method index? pundit testing in Rails

I am using Pundit for authorization in my application with rspec for testing. require 'rails_helper' describe SubjectPolicy do subject { described_class.new(user, subject) } let(:subject) { Subject.create } context 'is an administrator' do …
Trenton Tyler
1 vote, 1 answer

Creating multiple user roles in Rails App with single login (Rails Devise, Pundit, STI? HELP)

I am currently a Rails noob, and I've been trying my best to map out the data models for this specific Rails App. I am trying to build a business Employee/Customer App where there are three types of users (Admin, Employee, and Customer). The Admin…
djskim27
1 vote, 1 answer

Rails Pundit policy_scope on render json include fields

Continuing my previous question at: Active Model Serializer and Pundit deleting records during a Show CRUD action I have a situation where a User should not be able to view another user's unpublished chapters belonging to a Story an author…
Zhang
1 vote, 1 answer

NoMethodError undefined method `admin?' for nil:NilClass Pundit, Devise Rails

I'm trying to integrate pundit with my active admin and devise configuration. But the app works weirdly. It takes in model/record as current_user. my policy file: class AdminUserPolicy attr_reader :current_user, :model def…
Jesse Sravya
1 vote, 2 answers

Active Model Serializer and Pundit deleting records during a Show CRUD action

Okay, something is seriously broken here... I am using Active Model Serializer and Pundit for my Rails 5 JSONAPI server and Ember for my frontend application. I have User model and Pundit policy for User model which prevent non-authors from viewing…
Zhang
1 vote, 1 answer

Rails, Devise, Pundit - authorise Profile created from Devise registration controller

Feel free to say if you think something is wrong. I extended Devise Registration controller to create a Profile object to every new user: class Users::RegistrationsController < Devise::RegistrationsController def new resource =…
Julius Dzidzevičius
1 vote, 1 answer

Rails on Heroku: NameError: uninitialized constant ApplicationPolicy

While deploying my Rails API app to Heroku, my build is failing with the error below: -----> Detecting rake tasks sh: 2: Syntax error: Unterminated quoted string sh: 2: Syntax error: Unterminated quoted string ! ! Could not detect rake tasks …
geoboy
1 vote, 1 answer

Different role based access for two pages with same model in activeadmin using cancan/pundit

I have a Payroll model using which I have to create two different pages in active admin, each with slight change in columns and logic. ActiveAdmin.register Payroll do end ActiveAdmin.register Payroll, as: "Customised Payroll" do end In Cancan or…
Harini
1 vote, 1 answer

STI and PUNDIT - unable to find policy

I have three models: class Post < ApplicationRecord class Diary < Post class FuturePlans < Post I have also included the pundit in posts_controller.rb: class BlogsController < ApplicationController include Pundit And I have a…
Tom Bom
1 vote, 1 answer

How to customise devise to store user role information in session?

Currently we are using two separate tables for Users and Roles. I am using pundit for authorisation and devise for authentication. At many places I am doing current_user.roles to fetch the roles of the user. Mostly inside pundit policy files. I want…
Deepak Kumar Padhy
1 vote, 0 answers

Serving files through a controller with carrierwave and restricts with Pundit gem on Post model

I'm trying to upload a file of a photo with carrierwave and restrict(for be protected of others who don't be allowed to watch that file and after do this action until the post be published) the file with pundit. So I create another controller for…
rld
1 vote, 1 answer

Pundit Authorize From Another Model

I need to authorize a project based on invites that a supplier has gotten. Supplier has a "user_id" field. project.rb has_many :invites has_many :suppliers, :through => :invites project_policy.rb class ProjectPolicy < ApplicationPolicy …
GavinBelson
1 vote, 1 answer

Pundit inheritance from another role

I've got a Rails project using Devise together with the really awesome Pundit Gem. I'm using three different roles - Superadmin, Admin and User. I was wondering if it's possible to somehow define that the superadmin has all the rights that the admin…
Bergrebell
1 vote, 1 answer

Use pundit to deny users from admin views

I have admin views that only the administrator is allowed to view. I am using pundit to authorize the application. How do I deny all users but admin to the admin views without creating policies (and decorate each controller with authorize) for…
mox-du
1 vote, 1 answer

Pundit headless policy for nested resource

How can I authorize an action from a controller without a model based on another model object? Let's say I have a model called Server and I have a nested controller called config_files_controller which doesn't have a corresponding model. I want to…
Dan F.