stackoom
  简体   繁体   中英

How to authorize from an especific policy in pundit (Rails)

 原文  2015-08-15 16:52:45       ruby-on-rails/ pundit

Question

Is there a way to specify the policy class in the authorization method in Pundit ? When you do 

    authorize @user, :show

It uses the UserPolicy class, because @user is a User (Model) instance. Does anybody know a way to perform the authorize method on another policy class? like CustomerPolicy , without the existence of the Customer model class.

1 answers

solution1
 2 ACCPTED  2015-08-15 18:53:27

You can use a symbol instead of a model instance to invoke a "headless" policy (a policy without a backing model). 

authorize :customer, :show
# or for a namespaced policy
authorize [:people, :customer]

Another option is to set the policy on the model class: 

class User < ActiveRecord::Base
  def self.policy_class
    CustomerPolicy
  end
end

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Rails 4 - Pundit - create policy Rails - with Pundit Scopes in policy Rails 6 - Pundit “policy wrapper” Rails: No Pundit policy found in Rails Rails validate params in pundit policy Pundit Authorize From Another Model Rails 4 - Pundit - scoped policy for index How to authorize ActiveAdmin resources with Pundit? How to isolate a query inside a scope from pundit policy scope? How to write a Pundit policy with 3 or statements?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM