I use pundit for authorization and RSpec for testing in my rails app. Due to this, I had to create specs for the policies. However, I am having a problem with rubocop throwing an error: RSpec/Multi...

I'm pretty new with Rails and I have a problem with the following policies (using Pundit): I'd like to compare two objects: @record and @foo, as you can see here: class BarPolicy < ApplicationP...

I've added the configuration pundit addapter authorization to my application config.authorization_adapter = ActiveAdmin::PunditAdapter When I login with the [email protected] credentials I...

In one of my project I started to using pundit gem and I have a very simply policy that looks like this: class CompanyPolicy < ApplicationPolicy def index? true if user.is_a? Administrator e...

I'm using ActiveAdmin gem together with Pundit (and Rolify) gem. This is how I wrote my policy (taken from: https://github.com/activeadmin/activeadmin/blob/master/spec/support/templates/policies/a...

I'm installing an app with Pundit authorization and when I try to run RSpec tests I get: undefined method `permissions' for RSpec::ExampleGroups::UserPolicy:Class (NoMethodError)

I have just made the switch to Pundit from CanCan. I am unsure about a couple of things, and how Pundit is best used. For example: If you have a resource that can have multiple parent objects, fo...

In my project, i have pretty common namespace "admin". namespace :admin do resources :users, except: :show end I use Pundit gem to set proper authorization, but i found it difficult to use with...

I want to skip the policy_scope requirement fro Pundit on one controller (home). I have tried this: class ApplicationController < ActionController::Base include Pundit after_action :verify_a...

I'm using Pundit with Rails, and I have a controller that I need to completely restrict from a specific user role. My roles are "Staff" and "Consumer." The staff should have full access to the cont...

I've got a pretty simple Pundit policy with a scope for different user roles. I can't figure out how to test it in Rspec. Specifically, I don't know how to tell the scope what user is logged in bef...

The Tools Pundit Authorisation; experimenting with this pull request linked to from the official Pundit README; ActiveInteraction domain service objects ("DSOs"); RSpec 2.99.1 ** The Project** ...

I have been recently reading through the pundit gem's README and noticed that they never authorize the index view within a controller. (Instead they use scope). They give good reasoning for this,...

I have a Rails app with Clearance and Pundit and I'm trying to create "teams" where the "Team Leader" can invite other users to join their team. I would like to do something similar to devise_invit...

I like the simplicity of Pundit gem and I would like to make policies dynamic by storing them to database. Basically I'm looking for a way to be able to change policies without need to redeploy th...

I am using rails 4, devise for authentication and Pundit for authorization. I have restricted my application to check for authorization on every controller by below code. class ApplicationControl...

I'd like to thoroughly test a Rails application authorization setup (Pundit) with RSpec. The Pundit docs and other respectful sources suggest writing unit tests for Pundit policy classes. Are tho...

I have a multiple select box for a has_many association. The params come in as: foo_ids: ["1", "2", "3"] Using strong parameters, I do not permit this attribute because I would like to authorize...

I'm using the gems pundit and devise. I have a delete link that only shows up if you are an admin. I have an integration test that I would like to verify that the delete link only shows up for admi...

I'm on rails 5 and I'm trying to implement authorizations with pundit for my rails_admin panel. So I included pundit in my application controller and installed the rails_admin_pundit gem as you ca...

I'm using pundit for access control in the admin section of my app. I have a dashboards controller that looks like this: class Admin::DashboardsController < AdminController def index @total_r...

What might be causing this error in verify_authorized method and how to fix it?

I am trying to make an app with Rails 4. I have defined a series of roles with Rolify gem. Now, I want to use pundit to allow users with a role to do certain things. Where more than one type of r...

I am trying to make an app in Rails 4. I am trying to use statesman gem for states and then pundit for policies. My gemfile has: gem 'statesman', '~> 1.3', '>= 1.3.1' gem 'pundit' I hav...

By Default: the paperclip gem stores all attachments within the public directory. I did not want to store the attachments within the public directory for security reasons, so I saved them within a...