For your eyes only.

Learning the Pundit Gem


When it comes to providing access to your users, you need to pick a solution, because Ruby on Rails does not prescribe how to control user and content access. Pundit provides a set of helpers which guide you in leveraging regular Ruby classes and object-oriented design patterns to build a simple, robust and scalable authorization system. Pundit strongly encourages you to model your application in such a way that the only context you need for authorization is a user object and a domain model that you want to check authorization for.


7 Moving Parts

In its most basic use case, Pundit has 7 moving parts you should be aware of. Everything else is designed to make your life easier. So, let's start with the simplest setup and discuss each of these 7 moving parts.

We're going to step through these 7 pieces.


gem "pundit"

Include Pundit in your application controller:

          class ApplicationController < ActionController::Base
            include Pundit
          end

Optionally, you can run the generator, which will set up an application policy with some useful defaults for you:

rails g pundit:install

After generating your application policy, restart the Rails server so that Rails can pick up any classes in the new app/policies/ directory.
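To make the "regular Ruby classes, a user object and a domain model" idea concrete, here is an added example that is not from the original post or from the Pundit project: a base policy that denies every query unless a subclass overrides it, and one model policy built on it. User, Post, the rules in PostPolicy and the authorize_action! helper are assumptions; the helper only mimics the lookup-by-class-name convention and is not Pundit's API.

```ruby
# Added example: plain Ruby only, no Rails or pundit gem required.
# User, Post and authorize_action! are hypothetical stand-ins.
User = Struct.new(:id, :admin, keyword_init: true)
Post = Struct.new(:author_id, :published, keyword_init: true)

class NotAuthorizedError < StandardError; end

# Base policy: every query denies unless a subclass says otherwise.
class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    @user = user
    @record = record
  end

  def show?;    false; end
  def update?;  false; end
  def destroy?; false; end
end

class PostPolicy < ApplicationPolicy
  # Published posts are readable by anyone; drafts only by author or admin.
  def show?
    record.published || owner_or_admin?
  end

  def update?
    owner_or_admin?
  end

  # destroy? is not overridden, so it inherits the deny from the base class.

  private

  # A nil user (nobody signed in) is never an owner or an admin.
  def owner_or_admin?
    !user.nil? && (user.admin || user.id == record.author_id)
  end
end

# Hypothetical helper: finds "<Model>Policy" by name and raises on a deny.
def authorize_action!(user, record, query)
  policy = Object.const_get("#{record.class.name}Policy").new(user, record)
  raise NotAuthorizedError, "#{query} denied" unless policy.public_send(query)
  record
end
```

Because the base class answers false, forgetting to write a rule for an action leaves it closed rather than open.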


TODO - demo content is here
