Custom pundit user

README.md

@@ -303,6 +303,18 @@ Pundit.policy_scope(user, Post)
 The bang methods will raise an exception if the policy does not exist, whereas
 those without the bang will return nil.
 
+## Customize pundit user
+
+In some cases your controller might not have access to `current_user`, or your
+`current_user` is not the method one that should be invoked by pundit. Simply
+define a method in your controller called `pundit_user`.
+
+```ruby
+def pundit_user
+  User.find_by_other_means
+end
+```
+
 ## Pundit and strong_parameters
 
 In Rails 3 using [strong_parameters](https://github.com/rails/strong_parameters)

lib/pundit.rb

@@ -61,10 +61,14 @@ def authorize(record, query=nil)
 
   def policy_scope(scope)
     @_policy_scoped = true
-    Pundit.policy_scope!(current_user, scope)
+    Pundit.policy_scope!(pundit_user, scope)
   end
 
   def policy(record)
-    Pundit.policy!(current_user, record)
+    Pundit.policy!(pundit_user, record)
+  end
+
+  def pundit_user
+    respond_to?(:current_user) ? current_user : nil
   end
 end

spec/pundit_spec.rb

@@ -226,6 +226,12 @@ def destroy?
     end
   end
 
+  describe "#pundit_user" do
+    it 'returns the same thing as current_user' do
+      controller.pundit_user.should eq controller.current_user
+    end
+  end
+
   describe ".policy" do
     it "returns an instantiated policy" do
       policy = controller.policy(post)