From 36accee7d6ed0e2d1ffda88163ce5a701df5cd66 Mon Sep 17 00:00:00 2001 From: "M.Shibuya" Date: Mon, 23 Nov 2015 17:33:54 +0900 Subject: [PATCH] Respect #pundit_user. Closes #2467 --- .../extensions/pundit/authorization_adapter.rb | 3 +-- spec/integration/authorization/pundit_spec.rb | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/lib/rails_admin/extensions/pundit/authorization_adapter.rb b/lib/rails_admin/extensions/pundit/authorization_adapter.rb index de4f77161a..c53ca151a4 100644 --- a/lib/rails_admin/extensions/pundit/authorization_adapter.rb +++ b/lib/rails_admin/extensions/pundit/authorization_adapter.rb @@ -8,7 +8,6 @@ class AuthorizationAdapter # See the +authorize_with+ config method for where the initialization happens. def initialize(controller) @controller = controller - @controller.class.send(:alias_method, :pundit_user, :_current_user) end # This method is called in every controller action and should raise an exception @@ -52,7 +51,7 @@ def attributes_for(action, abstract_model) def policy(record) @controller.policy(record) rescue ::Pundit::NotDefinedError - ::ApplicationPolicy.new(@controller.send(:_current_user), record) + ::ApplicationPolicy.new(@controller.send(:pundit_user), record) end end end diff --git a/spec/integration/authorization/pundit_spec.rb b/spec/integration/authorization/pundit_spec.rb index dfb7122b2f..e09db4d5f9 100644 --- a/spec/integration/authorization/pundit_spec.rb +++ b/spec/integration/authorization/pundit_spec.rb @@ -1,5 +1,4 @@ require 'spec_helper' -include Pundit class ApplicationPolicy attr_reader :user, :record @@ -65,6 +64,10 @@ def index end describe 'RailsAdmin Pundit Authorization', type: :request do + before(:all) do + ApplicationController.send :include, ::Pundit + end + subject { page } before do @@ -164,4 +167,15 @@ def index is_expected.to have_content('Show in app') end end + + context 'when ApplicationController already has pundit_user' do + let(:admin) { FactoryGirl.create :user, roles: [:admin] } + before do + allow_any_instance_of(ApplicationController).to receive(:pundit_user).and_return(admin) + end + + it 'uses original pundit_user' do + expect { visit dashboard_path }.not_to raise_error + end + end end