As far as I can see, the caches are not being cleared after a UserContext change. Therefore, policies are being performed using the old UserContext. I would like to implement a simple solution to this issue. With this solution, caches can be cleared when deemed necessary.
class ApplicationController
include Pundit::Authorization
before_action :switch_account, if: :should_switch_account?
def switch_account
set_current_account(Account.find(params[:account_id]))
clear_pundit_context!
end
def pundit_user
UserContext.new(current_user, current_account)
end
end
Fix https://github.com/varvet/pundit/issues/811
As far as I can see, the caches are not being cleared after a
UserContext
change. Therefore, policies are being performed using the old UserContext. I would like to implement a simple solution to this issue. With this solution, caches can be cleared when deemed necessary.To do
PS: Thank you for contributing to Pundit ❤️