Use of pundit, with roles and enforcing plan attributes?

Matt Bjornson
I've done a little work with pundit, but my knowledge is a bit basic... A couple of questions,
  • Is it appropriate to use pundit with roles? If I create a user who is a 'viewer' role, can/should I add the roles logic to pundit policies? I've been putting this logic in controllers and it feels like I should be adding this specific logic in pundit.
  • Could/should I use pundit to enforce the attributes of my plans? So if your plan that you've purchased allows for 5 users, should I create a policy so that when an admin tried to invite the 6th user, they'd receive an exception in Pundit prompting them to upgrade, etc.

Any pointers would be helpful, sorry for the n00b questions...
Chris Oliver
Yeah, you'd use the roles inside pundit to set the rules for each policy. Pundit is definitely what I would recommend over the alternatives like CanCanCan.
Donn Felker
I was surprised that Pundit did not come included in Jumpstart. It's not a huge deal to add it, but it seems so crucial for setting up things in SaaS projects. Any thoughts of including it  Chris Oliver  ?
Chris Oliver
We may add Pundit at some point. Really, there's not a lot in Jumpstart Pro that requires permissions, so I wanted to leave it open for people to use whatever they wanted.

I can see possibly just using Pundit as the default for Jumpstart at some point. I just wanted to see how people were using the template before I made any decisions on that, since it's not really required for anything as part of the base template.
Donn Felker
Understandable, however, after building a few SaaS apps myself without Jumpstart I find that Pundit is usually something I reach for fairly quickly to make sure I'm scoping access correctly for particular resources/roles. Thanks for thinking about it and the quick reply. 👍🏻
Chris Oliver
Yep, I agree. There's not too many downsides to include it and I strongly prefer it over everything else since it's so simple.

At the same time, it's like 2 seconds to add Pundit in yourself, so I just decided not to make a decision on it so far. 
Annie O'Grady
Hey - it's June 2021 - Planning to add PUNDIT unless it has been superceded by anything better?   
John Quarto-vonTivadar
someone pointed out action_policy and I immediately liked it better

Notifications
You’re not receiving notifications from this thread.
Subscribe
© 2021 GoRails, LLC