:heavy_plus_sign: add pundit

DAY-7.md

@@ -10,3 +10,4 @@
 - Database creation & initialization
 - Create a model & migration
 - [Table definition demo](db/migrate/20210804025823_devise_create_users.rb)
+- Please **DO NOT** commit `db/schema.rb`

Gemfile

@@ -61,4 +61,6 @@ gem 'rails-i18n', '~> 6.0.0'
 gem 'devise'
 gem 'devise-i18n'
 gem 'omniauth'
+gem "pundit"
+
 gem 'kaminari'

Gemfile.lock

@@ -133,6 +133,8 @@ GEM
     public_suffix (4.0.6)
     puma (5.4.0)
       nio4r (~> 2.0)
+    pundit (2.1.0)
+      activesupport (>= 3.0.0)
     racc (1.5.2)
     rack (2.2.3)
     rack-mini-profiler (2.3.2)
@@ -248,6 +250,7 @@ DEPENDENCIES
   omniauth
   pg (~> 1.1)
   puma (~> 5.0)
+  pundit
   rack-mini-profiler (~> 2.0)
   rails (~> 6.1.4)
   rails-i18n (~> 6.0.0)

README.md

@@ -41,3 +41,4 @@ application up and running.
 ## Documents
 
 - [A Scope & Engine based, clean, powerful, customizable and sophisticated paginator for modern web app frameworks and ORMs](https://github.com/kaminari/kaminari)
+- [Minimal authorization through OO design and pure Ruby classes](https://github.com/varvet/pundit)

app/controllers/application_controller.rb

@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::Base
+    include Pundit
 end

app/policies/application_policy.rb

@@ -0,0 +1,49 @@
+class ApplicationPolicy
+  attr_reader :user, :record
+
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+
+  def index?
+    false
+  end
+
+  def show?
+    false
+  end
+
+  def create?
+    false
+  end
+
+  def new?
+    create?
+  end
+
+  def update?
+    false
+  end
+
+  def edit?
+    update?
+  end
+
+  def destroy?
+    false
+  end
+
+  class Scope
+    attr_reader :user, :scope
+
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      scope.all
+    end
+  end
+end