apply pundit for stories

2023-01-15 22:00:26 +02:00
parent b8e14fe6b5
commit 459cea35e1
9 changed files with 75 additions and 4 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -1,9 +1,11 @@
 class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?
+  include Pundit::Authorization
+  alias :current_user :current_member

-   protected
+  protected

-   def configure_permitted_parameters
-     devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
-   end
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
+  end
 end
--- a/app/controllers/stories_controller.rb
+++ b/app/controllers/stories_controller.rb
@ -17,6 +17,7 @@ class StoriesController < ApplicationController

  # GET /stories/1/edit
  def edit
+    authorize @story
  end

  # POST /stories