Pundit provides a set of helpers that guide Ruby programmers in leveraging regular Ruby classes and object-oriented design patterns to build a simple, robust and scalable authorization system.
Questions tagged [pundit]
439 questions
5 votes, 1 answer
Rails: Testing authorization (Pundit) with RSpec
I'd like to thoroughly test a Rails application authorization setup (Pundit) with RSpec.
The Pundit docs and other respectful sources suggest writing unit tests for Pundit policy classes. Are those tests testing behavior (good) or implementation…

BrunoF
5 votes, 1 answer
Getting Pundit authorization working with Namespaces on Rails 5
Question about getting Rails 5 and Pundit authorization working with Namespaces.
With Pundit, in the controller I wanted to use policy_scope([:admin, @car]) which will use the Pundit policy file located in: app/policies/admin/car_policy.rb. I'm…

Wasabi Developer
5 votes, 1 answer
Rails_admin and pundit: undefined method `policy' for #
I'm on rails 5 and I'm trying to implement authorizations with pundit for my rails_admin panel. So I included pundit in my application controller and installed the rails_admin_pundit gem as you can see in this snippet of my Gemfile:
gem…

Badr Tazi
5 votes, 1 answer
Attribute level authorization in views with pundit
I'm using pundit for authorization in a rails app. For some models, I want attribute-level authorization. For example, a normal user is allowed to change his phone number but can't set his status to "administrator".
As recommended in the Pundit…

bmesuere
5 votes, 2 answers
How to automatically remove Active Admin form inputs with Pundit permitted attributes?
I have a Rails 4 app using Active Admin 1.0.0.pre1 in conjunction with pundit 0.3.0 for authorization which has worked flawlessly thus far, but I'm having trouble figuring out a good way to automatically customize forms based on a user's role.
Given…

Ben Carney
5 votes, 3 answers
undefined method 'authorize' with Pundit
I've installed the gem Pundit in my Rails app, and have followed the instructions in the README carefully.
However, when I use authorize in any of my controllers, I get the error message "undefined method 'authorize' for .
Also, when I try to use…

Ellen W
5 votes, 2 answers
Skip pundit scope on one controller
I want to skip the policy_scope requirement for Pundit on one controller (home). I have tried this:
class ApplicationController < ActionController::Base
include Pundit
after_action :verify_authorized, :except => :index, unless:…

MechDog
4 votes, 2 answers
How to use Pundit with Actioncable (Rails 5)
I am wondering how to limit the connection to a channel or the streaming of messages over a channel in rails5. Currently I groups with users in the groups working with pundit and the connection to the websocket happens within that group. If a…

Billy Ferguson
4 votes, 1 answer
Rails 5 - how to use Pundit
I've had a long break from my 2 years of effort in trying to learn how to use pundit in my rails app. I'm back and trying to learn how to use pundit.
I've made a completely new rails 5 app and installed pundit.
I have a user resource, an…

Mel
4 votes, 1 answer
how to use namespace in gem Pundit
I have 2 controllers, 1 for user and 1 for admin.
controllers/articles_controller.rb
class ArticlesController < ActionController::Base
...
def show
@article = Article.find(params[:id])
authorize @article
end
…

bav ko ten
4 votes, 1 answer
authorization rails_admin with pundit
I use the pundit gem for authorization.
In my file config/initializers/rails_admin.rb
RailsAdmin.config do |config|
config.authorize_with :pundit
config.current_user_method(&:current_user)
......
end
I follow the instructions in…

bách trần nguyên
4 votes, 1 answer
Field level permissions using CanCanCan or Pundit
I am currently using Rails 4.1.14 with CanCanCan 1.13.1 and defined granular permissions on model/record level. Admins can manage all articles but users can edit only articles they authored.
To prevent regular users from editing specific fields I…

Dmitry Polyakovsky
4 votes, 2 answers
Active Admin, Devise and Pundit (Pundit::PolicyScopingNotPerformedError)
I have an existing Rails app with Devise authenticating the User model and Pundit authenticating against an Enrollment model which links User to my Company model. Both User and Company are in the public schema of the apartment gem. I don't suspect…

Dan Tappin
4 votes, 1 answer
Pundit: Ensure current_user is user from params
Apparently, you can't access the params hash in a Pundit policy. It makes sense that they want to expose as little information to the policies as possible. But one use case I'm running into, which I would think would be quite common, is to check…

nickcoxdotme
4 votes, 1 answer
Pundit: authorize Index in nested resources
Using Rails 4.2.4 with Devise (3.5.2) and Pundit (1.0.1). Decent_exposure (2.3.2).
I have a simple nested association for User and Idea:
class User < ActiveRecord::Base
has_many :ideas
...
class Idea < ActiveRecord::Base
belongs_to :user
...
In…

Galen