Authorization with Pundit
I want share my experience in the group from our Monday meetup yesterday. Let’s refresh the memory:
“do authorization with pundit gem” – Homework here on github issue 12
We went to this page and bundle it to our Gemfile
gem 'pundit', '~> 1.0.1'
And open up these links on that page.
Previously we have done the authorization in this way writing on the
app/controllers/products_controller.rb if @product.user == current_user
and then also implemented after that the same feature in this way
app/models/product.rb def user_owns?(u) self.user == u end def user_can_change?(u) self.user_owns?(u) end app/controllers/products_controller.rb if @product.user_owns?(current_user)
What about pundit...
Continue reading →