administrate icon indicating copy to clipboard operation
administrate copied to clipboard
verified publisher icon thoughtbot

Pundit error: not allowed to index? this Class

Open burmashave opened this issue 2 years ago • 1 comments

I just started using administrate and encountered a problem when integrating with Pundit.

When I include Administrate::Punditize in the Admin::ApplicationController, I get a Pundit::NotAuthorizedError at my /admin route, with error: not allowed to index? this Class.

The action I'm rooting to is:

namespace :admin do
  resources :venues
  resources :users
  
  root to: "venues#index"
end

The Venues controller has:

  def index
    @venues = policy_scope(Venue)
  end

And the policy has:

class VenuePolicy < ApplicationPolicy
  class Scope < Scope
    def resolve
      scope.visible_to(user)
    end
  end

visible_to is an included module scope:

class_methods do
  def visible_to(user)
    user&.admin? ? all : published
  end
end

The policy works outside of administrate, so I'm not sure what I'm doing wrong here. Any ideas?

burmashave avatar Jun 01 '23 05:06 burmashave

Hello! I wonder if this is caused by the change which was eventually fixed in #2383.

Could you try pulling from main and seeing if that resolves the problem?

nickcharlton avatar Jun 27 '23 15:06 nickcharlton