RailsAdmin integration with Pundit authorization system
This is a fork of Sudosu's gem, which does not include support for Pundit's method after_action verify_authorized
method. This resulted in automatic Pundit::AuthorizationNotPerformedError with Rails Admin. This fork fixes the issue
Add this line to your application's Gemfile:
gem "rails_admin_pundit", :github => "Samy-Amar/rails_admin_pundit"
And then execute:
$ bundle
-
First of all you need to configure Pundit (if you configured it already, skip this step). Include Pundit in your application controller:
class ApplicationController < ActionController::Base include Pundit protect_from_forgery end
Run the generator, which will set up an application policy:
rails g pundit:install
For other configurations see Pundit's readme.
-
In your
app/policies/application_policy.rb
policy you need to add rails_admin? method:class ApplicationPolicy ...... def rails_admin?(action) case action when :dashboard user.admin? when :index user.admin? when :show user.admin? when :new user.admin? when :edit user.admin? when :destroy user.admin? when :export user.admin? when :history user.admin? when :show_in_app user.admin? else raise ::Pundit::NotDefinedError, "unable to find policy #{action} for #{record}." end end # Hash of initial attributes for :new, :create and :update actions. This is optional def attributes_for(action) end end
Set pundit authorize method in
config/initializers/rails_admin.rb
initializer:RailsAdmin.config do |config| ## == Pundit == config.authorize_with :pundit ## == method to call for current_user == config.current_user_method(&:current_user) ...... end
Now, in your model's policy you can specify a policy for rails_admin actions. For example:
class CityPolicy < ApplicationPolicy ...... def rails_admin?(action) case action when :destroy, :new false else super end end end
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request
Licensed under the MIT license, see the separate LICENSE.txt file.