You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
From what I can tell so far it looks to me (as an admitted novice programmer) that the Pundit adapter is not calling scoping or authorization at all and when you override it the main app policies are used not the /active_admin policies. I could only get the scoping and authorization to load with (Post model):
before_filter :only => [:index] do
policy_scope(collection)
authorize collection
end
before_filter :except => [:index] do
authorize resource
end
and even then /admin/posts loads the /policies/post_policy.rb vs /policies/active_admin/post_policy.rb.
If I am missing something obvious here please let me know.
On a side Note I also added a dashboard controller override to eliminate Pundit wanting to scope the Dashboard.
The text was updated successfully, but these errors were encountered:
That the /policies/post_policy.rb is loaded is right, your model is Post so the policy is PostPolicy and not ActiveAdmin::Post.
And yes ActiveAdmin don't use the Pundit Scopes (the same as by cancan btw.). The problem at this point is that you can write your own scopes in the ActiveAdmin interface, which can overwrite the Pundit scopes.
Pulling my hair out over this - all the gory details are here:
http://stackoverflow.com/questions/34664645/active-admin-devise-and-pundit-punditpolicyscopingnotperformederror
I wanted to confirm I am not making matters worse with the legacy code in my existing app so I created a couple of dummy apps:
https://github.com/jasper502/aa_with_pundit (with a Admin User class)
https://github.com/jasper502/aa_with_pundit_user (with a single User class)
From what I can tell so far it looks to me (as an admitted novice programmer) that the Pundit adapter is not calling scoping or authorization at all and when you override it the main app policies are used not the /active_admin policies. I could only get the scoping and authorization to load with (Post model):
and even then
/admin/posts
loads the/policies/post_policy.rb
vs/policies/active_admin/post_policy.rb
.If I am missing something obvious here please let me know.
On a side Note I also added a dashboard controller override to eliminate Pundit wanting to scope the Dashboard.
The text was updated successfully, but these errors were encountered: