Skip to content

Instantly share code, notes, and snippets.

@tomchentw

tomchentw/comment_policy.rb

Created January 23, 2014 14:42
Show Gist options
  • Save tomchentw/8579571 to your computer and use it in GitHub Desktop.
Save tomchentw/8579571 to your computer and use it in GitHub Desktop.
Download ZIP
Implementation of ActiveAdmin::PunditAdapter and usage of Pundit with ActiveAdmin. A PR is opened here : https://github.com/gregbell/active_admin/pull/2857
Raw
comment_policy.rb
# app/policies/active_admin/
module ActiveAdmin
class CommentPolicy < ApplicationPolicy
class Scope < Struct.new(:user, :scope)
def resolve
scope
end
end
end
end
Raw
page_policy.rb
# app/policies/active_admin/
module ActiveAdmin
class PagePolicy < ApplicationPolicy
class Scope < Struct.new(:user, :scope)
def resolve
scope
end
end
def show?
case record.name
when 'Dashboard'
user.admin?
else
false
end
end
end
end
Raw
pundit_adapter.rb
# in lib/active_admin/
require 'pundit'
# https://github.com/gregbell/active_admin/blob/master/lib/active_admin/authorization_adapter.rb
module ActiveAdmin
# References
#
# Default Authorization permissions for Active Admin
#
# module Authorization
# READ = :read
# CREATE = :create
# UPDATE = :update
# DESTROY = :destroy
# end
class PunditAdapter < AuthorizationAdapter
def authorized?(action, subject = nil)
action = if subject.is_a? Class
:index?
else
override_action_name action
end
Pundit.policy(user, subject).public_send action
end
def scope_collection(collection, action = Auth::READ)
Pundit.policy_scope(user, collection)
end
def override_action_name(action)
case action
# https://github.com/elabs/pundit/blob/master/lib/generators/pundit/install/templates/application_policy.rb
when :read
:show?
when :create
:create?
when :update
:update?
when :destroy?
:destroy?
else
"#{ action }?"
end
end
end
end
@dinakaran
Copy link

I followed this to setup active admin to pundit authorization, but on the page_policy.rb the user instance is nill instead of getting the current logged in user

@afkehaya
Copy link

This plugin allowed the login page to show but when I used the [email protected] and password credentials I got Pundit::AuthorizationNotPerformedError in Admin::DashboardController#index this error. How do I authorize the rest of AA at this point?

@cdesch
Copy link

cdesch commented Apr 26, 2015

I ran into a similar issue.

undefined methodread' for #ActiveAdmin::PagePolicy:0x007ffa06cc1598`

@jessesanford
Copy link

I am also getting Pundit::AuthorizationNotPerformedError in Admin::DashboardController#index error when accessing the dashboard

@jessesanford
Copy link

I was able to solve the Pundit::AuthorizationNotPerformedError in Admin::DashboardController#index by using the following in my app/admin/dashboard.rb:

ActiveAdmin.register_page "Dashboard" do
  controller do
    before_filter :authorize_index, only: :index
    def authorize_index
      policy_scope(User)
    end
  end
  menu priority: 1, label: proc{ I18n.t("active_admin.dashboard") }

  content title: proc{ I18n.t("active_admin.dashboard") } do
    div class: "blank_slate_container", id: "dashboard_default_message" do
      span class: "blank_slate" do
        span I18n.t("active_admin.dashboard_welcome.welcome")
        small I18n.t("active_admin.dashboard_welcome.call_to_action")
      end
    end
end

See this SO solution for more info and explination: http://stackoverflow.com/a/34980939/511168

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment