You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If I use a custom policy for authorization (ex: authorize @post, policy_class: SpecialPostPolicy) in my controller how do I use policy(@post) to get the same policy in my view? Here's an example.
<%# This won't use `SpecialPostPolicy`, it'll use `PostPolicy` %><% if policy(@post).update? %><%= link_to "Edit post", edit_post_path(@post) %><% end %>
Additional Commentary
I believe that in a previous version of Pundit the authorize call would call the policy method that was mixed into the controller it was working in the context of. But when authorization was extracted, I think that link was broken. We'd used that "seam" to be able to override def policy in our controller which allowed both the authorize call and the view to use the same policy. It's unclear to me how to use the same custom policy now. I believe this comment is referring to a related idea.
The text was updated successfully, but these errors were encountered:
Basic Issue
If I use a custom policy for authorization (ex:
authorize @post, policy_class: SpecialPostPolicy
) in my controller how do I usepolicy(@post)
to get the same policy in my view? Here's an example.Simple Use Case
Controller:
View:
Additional Commentary
I believe that in a previous version of Pundit the
authorize
call would call thepolicy
method that was mixed into the controller it was working in the context of. But when authorization was extracted, I think that link was broken. We'd used that "seam" to be able to overridedef policy
in our controller which allowed both theauthorize
call and the view to use the same policy. It's unclear to me how to use the same custom policy now. I believe this comment is referring to a related idea.The text was updated successfully, but these errors were encountered: