pundit - ruby on rails police department

PUNDITRuby on Rails Police Department

Piotr Kochowicz

AGENDA

Motivation

Gem overview

Use cases

MOTIVATION

Peer discussion

Project experience

Curiosity

PUNDIT history

created by ELABS

alternative for CanCan

based on objectify

PUNDIT

simple

object oriented

flexible

isolated

APPLICATION POLICY

Base class for policies

Defines default policy behaviour

POLICY

Defined for an object

Accesses a user and an object

Contains Scope class and authorization methods

inherits from ApplicationPolicy

APPLICATION CONTROLLER

Ensures policies are used

Handles authorization exception

Additional exception info

exception.policy

exception.query

exception.record

CONTROLLER

Uses policy for scoping

Authorizes object

RSPEC simple

http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/

OTHER FEATURES

Using policy in a view

Strong parameters

Custom user

Custom policy class

OTHER FEATURES

Policy without objectAlias method

DISCUSSION

Best use cases

Where it creates overhead?

Thank you

Piotr Kochowicz [email protected]

Reference:https://github.com/elabs/pundithttp://www.elabs.se/blog/52-simple-authorization-in-ruby-on-rails-appshttp://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/http://www.sitepoint.com/straightforward-rails-authorization-with-pundit/https://github.com/FetLife/objectifyhttp://www.slideshare.net/BruceWhite3/pundit-37048056 by Bruce Whitehttp://slides.com/maciekbrodecki/prezpundit#/ by Maciej Brodecki

mailto:[email protected]

http://www.elabs.se/blog/52-simple-authorization-in-ruby-on-rails-apps

http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/

http://www.sitepoint.com/straightforward-rails-authorization-with-pundit/

http://www.slideshare.net/BruceWhite3/pundit-37048056

http://slides.com/maciekbrodecki/prezpundit#/

pundit - ruby on rails police department

Technology