Ruby on Rails
Anton Ivanov, 2019-04-20 02:00:34

How to prevent an attribute from changing to a specific value using pundit?

Hello.
We are using pundit on our system to manage permissions, however we are currently running into a problem that is described in the title of the question.
We allow users to change another user's permissions, but it should not be possible to set a permission group higher than or equal to one's own.
That is, "Administrator" can edit the rights of other users, but he cannot give the user administrator rights. Similarly, a user with "First Access" rights can edit the rights of users with "Second Access" access and below, but should not be able to set any of them to "First Security".
This is easily solved through def role=(value) in the model (although using current_user in the model is also not very welcome), but is there any solution through pundit? Searching on Google and on SO did not bring up many results. Pundit allows you to specify which model fields the user will have access to, but it does not allow you to check for new values.
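An added example, not part of the original post and not Pundit's own code: a plain-Ruby class in the shape of a Pundit policy (user, record) that decides on the submitted role value rather than only on the attribute name. The names ROLE_RANK, assignable_roles and assign_role?, the numeric ordering of the three roles, and the rule that the target's current role must also rank below the actor's are assumptions made for this sketch.

```ruby
# Plain Ruby in the shape of a Pundit policy; runs without the gem.
# ROLE_RANK, assignable_roles and assign_role? are hypothetical names.
User = Struct.new(:name, :role) # constructed stand-in for the model

class UserPolicy
  # Higher number = more privilege (ordering assumed from the post).
  ROLE_RANK = {
    "Second Access" => 1,
    "First Access"  => 2,
    "Administrator" => 3
  }.freeze

  attr_reader :user, :record

  def initialize(user, record)
    @user = user     # the acting user (current_user)
    @record = record # the user being edited
  end

  # Roles the acting user may hand out: strictly below their own.
  def assignable_roles
    own = rank(user.role)
    ROLE_RANK.select { |_, r| r < own }.keys
  end

  # Value-aware check: deny unknown roles, deny editing a peer or
  # superior (assumption), deny any role at or above the actor's own.
  def assign_role?(new_role)
    return false unless ROLE_RANK.key?(new_role)
    return false unless rank(record.role) < rank(user.role)
    assignable_roles.include?(new_role)
  end

  private

  # Unrecognised roles rank lowest, so they can never grant anything.
  def rank(role)
    ROLE_RANK.fetch(role, 0)
  end
end

# Constructed sample users exercising the rule from the question.
def demo
  admin  = User.new("admin", "Administrator")
  first  = User.new("first", "First Access")
  second = User.new("second", "Second Access")
  [UserPolicy.new(admin, second).assign_role?("First Access"),
   UserPolicy.new(admin, second).assign_role?("Administrator"),
   UserPolicy.new(first, second).assign_role?("First Access"),
   UserPolicy.new(first, admin).assign_role?("Second Access")]
end
```

The controller would call the check with the submitted role before saving and refuse the update when it returns false; the same assignable_roles list can populate the role dropdown so the form and the server-side check stay in agreement.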
