Skip to main content
Ask A Question
Notifications
You’re not receiving notifications from this thread.
Subscribe

Pundit scopes

General • Asked by Dmitry Amelchenko

Hi, i have no idea how to choose best way. There are three models User, Department and Task. Each user assigned to one department (belongs to). Department has many tasks. How to write a policy or something to do without using Pundit, when user can see only tasks from assigned department?


Dmitry,

Without Pundit, you can scope your queries in the controller with @tasks = current_user.department.tasks so that it always accesses them through the User.

With Pundit, you can setup a scope to reference the Department on the user:

class TaskPolicy < ApplicationPolicy
  class Scope < TaskPolicy
    attr_reader :user, :scope

    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      @scope.where(department_id: @user.department_id)
    end
  end
end

And use this by saying @tasks = policy_scope(Task)



Login or Create An Account to join the conversation.

Subscribe to the newsletter

Join 30,005+ developers who get early access to new screencasts, articles, guides, updates, and more.

    By clicking this button, you agree to the GoRails Terms of Service and Privacy Policy.

    More of a social being? We're also on Twitter and YouTube.