Authorization with Pundit doesn't allow Policy Namespacing
Punditize assumes that there is no Pundit Policy Namespacing being used. If we allow namespaces, we could even avoid the custom policy_scope_admin.
Quick work around is, instead of including Punditize, to use the following code:
# All Administrate controllers inherit from this `Admin::ApplicationController`,
# making it the ideal place to put authentication logic or other
# before_actions.
#
# If you want to add pagination or other controller-level concerns,
# you're free to overwrite the RESTful controller actions.
module Admin
class ApplicationController < Administrate::ApplicationController
include Pundit
def policy_scope(scope)
super([:admin, scope])
end
def authorize(record, query = nil)
super([:admin, record], query)
end
def scoped_resource
policy_scope super
end
def authorize_resource(resource)
authorize resource
end
def show_action?(action, resource)
Pundit.policy!(pundit_user, [:admin, resource]).send("#{action}?".to_sym)
end
end
end