pundit

I am writing with respect to https://github.com/elabs/pundit#scopes I am under the impression that authorization should answer the question Are you allowed access to this resource? , i.e. a true / false answer. This is the case with all actions except index , which, according to Pundit's docs, should return different ActiveRecord::Relation 's depending on who is asking. For example, an admin gets scope.all , while a regular user gets scope.where(:published => true) . app/policies/post_policy.rb class Scope < Struct.new(:user, :scope) def resolve if user.admin? scope.all else scope.where(

I'm trying to figure out how to use pundit in my Rails 4 app. I have a profile view in which I want to display a link to create a new project, subject to pundit authorisation. I have tried each of the following formulations: <%# if policy(Project.new).create? %> <%# if policy(Project).create? %> <%# if policy(@project).create? %> <%# if policy(Projects).create? %> <% if policy(project).create? %> <%= link_to 'CREATE A PROJECT', new_project_path, :class=>"btn btn-info" %> <% end %> The association between project and profile is: Project belongs_to :profile Profile has_many :projects, dependent:

I've added the configuration pundit addapter authorization to my application config.authorization_adapter = ActiveAdmin::PunditAdapter When I login with the admin@example.com credentials I'm getting this error. Pundit::NotDefinedError in Admin::Dashboard#index unable to find policy AdminUserPolicy Extracted source (around line #2): insert_tag active_admin_application.view_factory["page"] so I created these files in my policies/active_admin folder adminuser_policy.rb module ActiveAdmin class AdminUserPolicy < ApplicationPolicy class Scope < Struct.new(:user, :scope) def resolve scope end end

Running into something I don't understand with Pundit, Using Rails 4.2.5.1, Pundit 1.1.0 with Devise for authentication. I'm trying to use a policy scope for the BlogController#Index action. If user is admin, display all posts (drafts, published) If user is standard, display posts marked published only If no user / user not logged in, display posts marked published only Getting an error: undefined method `admin?' for nil:NilClass Live shell reveals: >> user => nil # ApplicationController class ApplicationController < ActionController::Base include Pundit rescue_from Pundit::NotAuthorizedError,

I have a rails 4 app using pundit gem for authorization. If I do russian-doll fragment caching like the code below, the conditional statement used for authorization will be also cached, which is not good, since edit/delete buttons should only be available for the post.user . What is the good way to get around this? Should I split the cache into smaller parts or is there a way to exclude some parts of the caching? What's the rails convention in this case? index.html.erb <% cache ["posts-index", @posts.map(&:id), @posts.map(&:updated_at).max, @posts.map {|post| post.user.profile.updated_at}.max]