Questions tagged [pundit]

Pundit provides a set of helpers that guide Ruby programmers in leveraging regular Ruby classes and object-oriented design patterns to build a simple, robust and scalable authorization system.

439 questions
0 votes, 1 answer

Rails 4 with Pundit

I am trying to make an app in Rails 4. I want to use Pundit for authorisations. I also use Devise for authentication and Rolify for role management. I have a user model and am making my first policy, following along with this…
Mel
0 votes, 1 answer

How to tell the current_user to Pundit without a controller

I am running a data extract with delayed_job that uses existing .html_erb templates that contain Pundit authorisations, for example: <%if policy(client).view_contacts? %> Normally Pundit will look for a 'current_user' method in the controller to…
giorgio
0 votes, 1 answer

authorize on self record for user

Using the pundit gem, authorization on the record id for a given user on the user model is proving to be a challenge def initialize(user, record) @user = user @record = record end def image return true if record.user_id ==…
Jerome
0 votes, 2 answers

Rails 4: "Pundit::NotAuthorizedError"

In my Rails 4 app, there are 5 models: class User < ActiveRecord::Base has_many :administrations has_many :calendars, through: :administrations end class Calendar < ActiveRecord::Base has_many :administrations has_many :users, through:…
Thibaud Clement
0 votes, 1 answer

Pundit not defined error for a nested controller

I'm adding a csv upload feature to my site. I want to be able to add startups to categories that I've created. I'm getting this error: Startup_policy.rb file class StartupPolicy < CategoryPolicy def create? user.present? …
user3787971
0 votes, 1 answer

Pundit Authorization for Basic Proposal Class

I am trying to add authorization via Pundit for my Proposal class. I have all the creation of proposals, etc. set up but I also have several states with aasm_gem for proposals: drafted, published and closed. I want only users who own the proposal…
james
0 votes, 1 answer

How to authorize from a specific policy in Pundit (Rails)

Is there a way to specify the policy class in the authorization method in Pundit? When you do authorize @user, :show it uses the UserPolicy class, because @user is a User (Model) instance. Does anybody know a way to perform the authorize method…
mariowise
0 votes, 1 answer

Rails Policies(Pundit) Links only displaying if user.admin?

So I have an issue with policies. When a user creates a topic they should be able to see edit and delete buttons for that topic however those buttons are not displaying. But, if the user's role is defined as admin then they can in fact see the edit…
Jeff Wilkey
0 votes, 1 answer

authorize with a parent resource in Pundit

I have a Campaign model which has many Applicants. I'm currently nesting Applicants within Campaigns. I'm trying to authorize a user to applicants#index based on if they are the owner of the campaign. resources :campaigns do .. resources…
David Sigley
0 votes, 1 answer

pundit integration can't write unknown attribute `role`

This is driving me crazy. I am trying to set up Pundit with Devise and everything works fine until I try to set a default role. In my case, the default role is user. When I try to log in, I get the following error: ArgumentError in…
Justin Doshay
0 votes, 1 answer

Devise and pundit - how to restrict access to devise original views/actions

I am using Rails (4.2.1), Devise (3.4.1) and Pundit (1.0.0) and want to restrict the access to Devise views (such as /users/edit) by my user's role (rolify, 4.0.0). How should my policy be named, or how do I specify which model it is referring to? to match…
Cassio Cabral
0 votes, 1 answer

Can I authorize my token in params with Pundit?

We have a model that gets its own access token, like when sharing a google doc or dropbox folder. Can we use the params[:token] with Pundit's authorize method? It's a little strange to have that part in the controller and not in the policy.
blu
0 votes, 1 answer

Pundit Policies with Joins

I have churches that use songs. With a specific song id I am trying to get the most recent usage date and the total of usages limited by whichever church the user belongs to. @usages = Usage.select("MAX(services.date) as date", :song_name, :song_id,…
jcuenod
0 votes, 3 answers

Pundit Usage When Creating/Deleting Objects

I am creating and updating objects, my controller has: def create @mymodel = MyModel.create mymodel_params authorize @mymodel end I need to authorize create so I have added authorize @mymodel but surely this should come first? The problem…
jcuenod
0 votes, 1 answer

How to specify the I18n locale for registered users

I'm making an app that uses globalize to translate the db. I need to be able to create a UI for admins to be only able to access specific locales so they can translate them. I am thinking of two ways to do this. 1- use Pundit (see below), or 2- after…