From Pundit to ActionPolicy:
- Remove
include Pundit
from ApplicationController - Add
alias authorize authorize!
- Add
authorize :current_user, as: :user
- Add
include ActionPolicy::Policy::Core
toApplicationPolicy
- Update
ApplicationPolicy#initialize
:
def initialize(target, user:)
# ...
end
- Add
policy
helper:
helper_method :policy
def policy(record)
policy_for(record)
end
NOTE: policy
defined above is not equal to allowed_to?
since it doesn't take into account pre-checks.
- Replace RSpec helper:
# require 'pundit/rspec'
require 'action_policy/rspec/pundit_syntax'
- TODO: scopes migration
When everything is green, it's time to fully migrate to ActionPolicy:
- make ApplicationPolicy inherit from
ActionPolicy::Base
- migrate view helpers (from
policy(..)
toallowed_to?
) - re-write specs using simple non-DSL syntax
- add controller specs (add
require 'action_policy/rspec'
)