Pundit provides a set of helpers that guide Ruby programmer in leveraging regular Ruby classes and object oriented design patterns to build a simple, robust and scaleable authorization system.
Questions tagged [pundit]
439 questions
0
votes
1 answer
Rails Pundit access to the params or object
I've got two models - Physician and Patient. Physician can only give recommendations to patients who have completed the phone number on their account, otherwise the physician should be redirected to the edit patient page. Below is my…
mr_muscle
- 2,536
- 18
- 61
0
votes
1 answer
Rails 5 - Pundit policy for the new required model field
I want to change one phone user field to be required. When the existing user does not have this field set (did not have to provide a phone number beforehand) it should redirect to the user_edit page and display Phone is required message below form.…
mr_muscle
- 2,536
- 18
- 61
0
votes
2 answers
How to allow users to create content without logging in (Rails, Devise)
I'm creating a to-do list app and I want users to be able to create a list without logging in and only log in when they wish to save their list. Right now I'm using Devise, where I created a belongs_to association of the activity to the user. The…
Kristina Balciunaite
- 21
- 4
0
votes
0 answers
Pundit don't see user
I am a newbie when it comes to RubyOnRails. Recently while working with the gem pundit I encountered a problem. Pundit during function sort? authorization does not see the logged in user that is @user = nill. I don't know what the problem is because…
KozaK
- 33
- 5
0
votes
0 answers
Best/Improved way to rescue missing records in Rails 6 when also using pundit?
I'm currently using pundit to authorise my controller methods.
after_action :verify_authorized
I am also currently use Bugsnag to catch unhandled errors.
I have an application with relatively ephemeral records used by a large audience and often I…
Ben Richardson
- 27
- 4
0
votes
1 answer
Rails handle multistep survey with Pundit - redirect to different pages depends on case result of one policy
In my App user to have full access to the app needs to pass survey after account confirmation. Survey has 2 steps:
questions (in which the user answers questions; controller: TestResultsController, model: TestResult)
experience level (inside of…
mr_muscle
- 2,536
- 18
- 61
0
votes
3 answers
Rais app user specific index is showing to all users
I made a app for managing personal library (books and comics) and it was working well but all of the suddent it started to show to all users (new or existing) all the books that were introduced by a given user (it seems to display the entire db);…
Funk Dr
- 31
- 5
0
votes
1 answer
Rails pundit scope does not return from or block
In my app I want to prevent the user from taking the Legal Test again. To do so I'm using pundit authorization with below policy:
class TestResultPolicy < ApplicationPolicy
def new?
!passed? || validation_not_finished?
end
private
def…
mr_muscle
- 2,536
- 18
- 61
0
votes
1 answer
Understanding moneky patched implementation of Pundit from Rails 3 to 4
As part of this migration work I have been doing, I came across a monkey patched initialization of pundit. I'm understanding it for the most part but there is a part that is causing me errors:
module Pundit
class << self
def authorize; raise…
Dynelight
- 2,072
- 4
- 25
- 50
0
votes
1 answer
Pundit::AuthorizationNotPerformedError
This is what I get going on the recipe show page:
My Controller looks like that:
class RecipesController < ApplicationController
skip_before_action :authenticate_user!, only: [:index, :show]
def index
if params[:query].present?
…
Witta
- 15
- 5
0
votes
0 answers
Rails/Devise/Pundit => How to access Pundit authorization and current_user in Rails Presenter?
I need to call Pundit authorization in a Rails Presenter.
I included Pundit so I can call policy function.
But Pundit does not know current_user.
(Rails 6 / Devise / Pundit)
Is there a way to do this ?
app/presenter/cause_presenter.rb
class…
LiKaZ
- 306
- 3
- 9
0
votes
1 answer
Testing pundit for create action with a third parameter
The problem in testing a create action is that the object is not already created. Thus a class policy initialisation could state:
def initialize(user, promotion)
@user = user
@promotion = promotion
end
with @shop = @promotion.shop_id added to…
Jerome
- 5,583
- 3
- 33
- 76
0
votes
1 answer
Pundit defining current_user
I am building a rails API and I'm using pundit for authorizations to the API. I am trying to define current_user for pundit with this method:
def pundit_user
User.find_by_other_means
end
I tried implementing it as a private method in my API base…
problems
- 95
- 1
- 8
0
votes
0 answers
set instance variable per convention is failing
The following controller private method
def set_promotion
@promotion = Promotion.find(params[:id])
if !current_shopkeeper.nil?
@current_user = User.where(['email = ?', current_shopkeeper.email]).first
end
end
generates the @current_user,…
Jerome
- 5,583
- 3
- 33
- 76
0
votes
2 answers
Rails 6 - Pundit "policy wrapper"
I am a little stuck with Pundit: It feels that the solution should be easy - but I am not getting it. Actually I have a bunch of models which are all dependent on one main model. My main model is a script. The script has many roles, many scenes,…
PixAff
- 309
- 4
- 14