Using Pundit with ActiveAdmin
Hey, I'm using pundit with active admin and getting this error message
Pundit::AuthorizationNotPerformedError in ActiveAdmin::Devise::SessionsController#new
In the pundit video you show us
include Pundit
after_action :verify_authorized, unless: :devise_controller?
What do I need to do so that pundit will do the same for active admin's devise controller? Second question. I need to have access to activeadmin's controller to manage permissions in the admin panel, How do I gain access or edit that controller?
Thanks for your help!
Update: I followed this and was able to get the login page to show https://gist.github.com/tomchentw/8579571
Now once logged in I'm getting a similar error Pundit::AuthorizationNotPerformedError in Admin::DashboardController#index
I guess I'm having trouble figuring out how the adapter worked to allow for access to the login page so I can recreate it for the index page and new resources that I might add.
Any suggestions?
UPDATE: After much trial and error I figured out how to get active admin up and running with pundit. See my answer on stack overflow by clicking here. http://stackoverflow.com/questions/27883386/how-to-get-active-admin-to-work-with-pundit-after-login
update: at the bottom of this link :https://github.com/activeadmin/activeadmin/blob/master/docs/13-authorization-adapter.md
It shows you the coded needed to start using the built in pundit adapter that AA has. I'm able to get to the login page but when I try to log in I get this error.
Pundit::NotDefinedError in Admin::Dashboard#index
unable to find policy AdminUserPolicy for #AdminUser:0x007fd55b3dac10
I've created an admin_user_policy in polocies/active_admin and set everything to true. and it's still not working.
Any suggestions?
I haven't used Pundit with AA, but I was going to mention the adapter. Not quite sure what to suggest from here. Maybe there is a typo in there somewhere causing it to be unable to find it?
Thanks for the response Chris... I've ben able to get the dashboard up and running but when I try to access the admin profile for my account I get this error
unable to find scope AdminUserPolicy::Scope for AdminUser
and it highlights this line from my applicaiton.rb file
def scope
Pundit.policy_scope!(user, record.class)
end
I'm not too clear on how to define the scope for admin user. I think I either want to figure this out or I want to write something similar to what you did for devise
include pundit
after_action :verify_authorized, unless: :devise_controller?
What would I need to write to exclude all of active admin from pundit authorizations?
Did you ever get this working? I am stuck at the same issue. Can you just disable Pundit for AA entirely?
It's really unfortunate that's still happening. I don't know if this is relevant or not, but did you guys this? https://github.com/activeadmin/activeadmin/issues/3068
I am not sure if that's the issue. Here is a comprehensive post I just created on this issue:
I think it's a bigger (or simple) issue. My AA policies seem to not being referenced at all. If I say try and load /admin/users Pundit is using the /policies/user_policy.rb file and not /policies/active_admin/user_policy.rb.
In my case (for now) my AA policies are all true until I decide to lock down AA access when I open it up to other users. In the near term it's just me in there so I am the only one to blame if data gets deleted by accident :)
On a side note Chris I suspect you have a view bug on the questions home page. Look at this thread. I made the last post but alexander's avatar is shown. Is this the intent? It threw me for a second as I saw my name and someone else face. If the idea is that it's his topic that makes sense but it's a bit confusing in that context.
What a subtle bug, glad you caught that Dan. :) Should be fixed now.
I wonder if we can get a patch into ActiveAdmin that will correct that...
See my SO post for an update. I found a solution but I would still like to know if this is an isolated issue with my code or an issue with AA / Pundit.
From what I can tell AA is not calling authorize or policy_scope at all. Once you force it to it works (for the most part).
Hi I had similar challenges with sorcery and AA and finally made after i reached out to the AA guys , just raise an issue on the github repo he responds very fast and he will guide you in the right direction .... for all the troubles i had he responded with an hour or too a super helpful team they got.
All the best
New issue posted here:
https://github.com/activeadmin/activeadmin/issues/4264
Have a look at my dummy app:
https://github.com/jasper502/aa_with_pundit_user
Unless I am missing something obvious it's clearly broken.