
class FoosController < ApplicationController
include Pundit
#...
# record policy
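# Looks up the Pundit policy for the current record and user.
#
# The record and the current user are wrapped in a PolicyContext and handed
# to the `policy` helper; its result is returned unchanged.
#
# NOTE(review): `policy` only returns a policy object. Nothing is enforced
# until a predicate on it is checked or `authorize` is called, so confirm
# the calling action does one of the two.
#
# @return [Object] whatever `policy` returns for the context
def set_record_policy
  # Closing parenthesis restored; without it the file does not parse.
  policy(PolicyContext.new(record, current_user))
end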
# scope policy
class PolicyContext
attr_reader :record
# Stores the record being authorized and the user it is authorized for.
#
# The user is kept because policy_class builds the policy class name from
# `@user.role`.
# NOTE(review): that role should come from a fixed, server-side set of
# roles, never from request input; confirm where it is assigned.
#
# @param record [Object] the object (or relation) the policy applies to
# @param user [Object] the acting user; must respond to `role`
def initialize(record, user)
  @record, @user = record, user
end
def policy_class
"#{@user.role}FooPolicy".classify
class AdminFooPolicy < ApplicationPolicy
class Scope
attr_reader :user, :scope
# Builds the scope from a user and a context object.
#
# The second argument is a context wrapper rather than a bare relation, so
# the scope to filter is taken from `context.record`.
#
# @param user [Object] the user the scope is resolved for
# @param context [#record] wrapper whose `record` is the relation to scope
def initialize(user, context)
  @user, @scope = user, context.record
end
def resolve
class FooPolicy < ApplicationPolicy
#...
class Scope
#...
def resolve
if user.roles.include?("admin")
scope.not_cancelled
elsif user.roles.include?("official")
scope.not_draft
elsif user.roles.include?("provider")
pedrosmmoreira / final_controller_calls.rb
Last active January 21, 2016 06:40
Dynamic Pundit Policies per user type
class FoosController < ApplicationController
include Pundit
#...
# record policy
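# Looks up the Pundit policy for the current record and user.
#
# The record and the current user are wrapped in a PolicyContext and handed
# to the `policy` helper; its result is returned unchanged.
#
# NOTE(review): `policy` only returns a policy object. Nothing is enforced
# until a predicate on it is checked or `authorize` is called, so confirm
# the calling action does one of the two.
#
# @return [Object] whatever `policy` returns for the context
def set_record_policy
  # Closing parenthesis restored; without it the file does not parse.
  policy(PolicyContext.new(record, current_user))
end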
# scope policy
require 'spec_helper'
describe 'GET /v1/projects' do
it 'returns a list of all projects' do
projects = create_list :project, 2
get "/v1/projects"
expect(response_json).to eq(
'projects' => [{