Closed ahamelers closed 1 year ago
Examples from DMPTool project:
https://github.com/CDLUC3/dmptool/commit/6883c8ae41763965bc153f2dd0981eed45173082
Pundit's Scope class (in a controller):
# GET /api/v2/plans
# -----------------
def index
# See the Policy for details on what Plans are returned to the Caller
plans = Api::V2::PlansPolicy::Scope.new(@client, @resource_owner, Plan).resolve
if plans.present? && plans.any?
@items = paginate_response(results: plans)
@minimal = true
render "api/v2/plans/index", status: :ok
else
render_error(errors: [_("No Plans found")], status: :not_found)
end
end
https://github.com/CDLUC3/dmptool/blob/main/app/policies/api/v2/templates_policy.rb
Parent: #1989
Begin applying the Pundit gem to the project, for future improvement and enhancement
Roles & permissions doc: https://docs.google.com/spreadsheets/d/1slzcQOjqWnQSQfkwl720TLdl2Y8XMOzy9ANb5JOhqwA/edit#gid=2049842564
Pundit docs: https://www.rubydoc.info/gems/pundit