class FoosController < ApplicationController
  include Pundit
  #...
  # record policy
  def set_record_policy
    policy(PolicyContext.new(record, current_user))
  end
  # scope policy

class PolicyContext
  attr_reader :record
  def initialize(record, user)
    @record = record
    @user = user
  end
  def policy_class
    "#{@user.role}FooPolicy".classify

class AdminFooPolicy < ApplicationPolicy
  class Scope
    attr_reader :user, :scope
    def initialize(user, context)
      @user = user
      @scope = context.record
    end
    def resolve

class FooPolicy < ApplicationPolicy
  #...
  class Scope
    #...
    def resolve
      if user.roles.include?("admin")
        scope.not_cancelled
      elsif user.roles.include?("official")
        scope.not_draft
      elsif user.roles.include?("provider")

require 'spec_helper'
describe 'GET /v1/projects' do
  it 'returns a list of all projects' do
    projects = create_list :project, 2
    get "/v1/projects"
    expect(response_json).to eq(
      'projects' => [{