Replies: 1 comment
-
|
Hi! I converted this to a Q&A for now, because I think the question is valid but I'm not sure it's within the scope of Pundit. It's hard to tell how to ensure this in your case anyway, because it depends on which question you want to answer:
You could probably work your way around each and every one of these, but which one is important is dependent on your application. Pundit only provides no 1 out of the box. 4 might be very hard to determine automatically, and so it's all up to memory again, or your test suite if you will. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I have a problem with
verify_authorizedmethod when I'm using the inheritance in controllers. My project is divided into modules. Each module has a controller with some basic stuff and the rest controllers inherit from it. For example:And here comes the problem. When I run my tests I would like to also check if
authorize @some, show?was not forgotten. But firstly I check (in the parent controller) if a user has an access to this module at all. In this wayverify_authorizedwon't raise any error because there is always authorization inauthorize_accessmethod before any action.I looked at the code and the only way for now which I see is to manage
@_pundit_policy_authorizedflag manually but maybe there is some 'official' way to achieve what I want.Is there something I can do, to make this safeguard suitable for my architecture?
PS.: As this is my first question I would like to thank you for this great gem.
Beta Was this translation helpful? Give feedback.
All reactions