Badge List uses Devise for authentication (validating a user's identity), but that is a separate thing from authorization (determining the resources and actions which are available to a particular user). Authorization is a particularly critical piece of the Badge List platform. Why? Badge List offers a lot of permission-related settings. These permissions are core pieces of functionality which are heavily used. But the backend code to actually implement all of those permissions can get messy if there's no structure to contain it. That's where an authorization gem comes in.
We use the Pundit gem for authorization. Not only do we use
Pundit, but we've got a significant amount of custom DSL (domain-specific language) built up on top of
the Pundit gem (Pundit itself is pretty barebones). That means that it's especially important to understand the nitty gritty of how Pundit works in its vanilla state, otherwise you'll be completely lost when you get to Badge List's implementation of Pundit.
How to earn this badge
- Learn about the Pundit gem. Refer to #Learning-Resources to get started.
- Solve the #Challenge
- Post the resources which were helpful in your own learning journey back to #Learning-Resources
- Request feedback