pundit
Minimal authorization through OO design and pure Ruby classes
Pundit is a Ruby library that adds user permission checks to Rails apps using simple policy classes, one per content type, instead of scattering authorization logic throughout the codebase.
Pundit is a Ruby library that helps web applications decide who is allowed to do what. In most applications, different users have different permissions: an admin might be able to delete posts, while a regular user can only edit their own content. Pundit gives developers a structured way to write those rules as plain Ruby classes, instead of scattering permission checks throughout the codebase.
The core idea is a "policy" class. For each type of content in your app, like a blog post or a user profile, you create a matching policy class that contains the permission rules. A PostPolicy class might say: a user can update this post only if they are an admin, or if the post has not been published yet. These policy classes are ordinary Ruby code, which makes them easy to read, test, and maintain independently.
When a user tries to do something in the application, like edit a post, the developer calls a single authorize method in the controller. Pundit automatically finds the right policy class and checks whether the current user is allowed to perform that action. If the check fails, Pundit raises an error. If it passes, the application continues normally.
Pundit also handles "scopes," which are used when listing records. A scope rule answers the question: given a particular user, which items from the database should they see? An admin might see all posts, while a regular visitor only sees published ones. The scope class follows the same pattern as a policy: a plain Ruby class with a resolve method that returns the filtered set.
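The policy, authorize and scope pattern described above, written out as plain Ruby so it runs without Rails. This is an added example, not code from the Pundit project: the PostPolicy class and its nested Scope follow Pundit's naming conventions, but the small `policy`, `authorize` and `policy_scope` helpers are stand-ins that imitate how Pundit derives the policy class from the record's class name (an assumption for this standalone example; in a Rails app the gem supplies them). The User and Post structs and the in-memory post list are constructed sample data.

```ruby
# Added example: Pundit-style policies as pure Ruby classes.
# The Pundit gem is NOT loaded; the helpers below only mimic its lookup rules.

# Constructed sample models. Pundit itself works with any objects; in Rails
# these would be ActiveRecord models.
User = Struct.new(:id, :admin) do
  def admin?
    admin
  end
end
Post = Struct.new(:id, :author_id, :published)

# Stand-in for Pundit::NotAuthorizedError (assumption for this example).
class NotAuthorizedError < StandardError; end

# One policy per record type. Each "action?" predicate is a permission rule.
class PostPolicy
  attr_reader :user, :post

  def initialize(user, post)
    @user = user
    @post = post
  end

  # Admins may update any post; other users only their own unpublished posts.
  def update?
    user.admin? || (!post.published && post.author_id == user.id)
  end

  # Only admins may delete posts.
  def destroy?
    user.admin?
  end

  # Published posts are visible to everyone; drafts only to admins and authors.
  def show?
    post.published || user.admin? || post.author_id == user.id
  end

  # Scope rule: which records from a collection a given user may list.
  class Scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      return @scope if @user.admin?

      @scope.select(&:published)
    end
  end
end

# Mimics Pundit's convention: the policy for a Post is PostPolicy (assumption).
def policy(user, record)
  Object.const_get("#{record.class.name}Policy").new(user, record)
end

# Mimics Pundit's authorize: raise if the predicate for the action is false,
# otherwise return the record so the controller can continue (assumption).
def authorize(user, record, action)
  return record if policy(user, record).public_send("#{action}?")

  raise NotAuthorizedError, "not allowed to #{action} this #{record.class.name}"
end

# Mimics Pundit's policy_scope for an in-memory collection: the model class
# selects the Scope class, the collection is what gets filtered (assumption).
def policy_scope(user, model_class, collection)
  Object.const_get("#{model_class.name}Policy::Scope").new(user, collection).resolve
end

# Constructed sample data: one admin, one regular user, one draft, one live post.
def sample_data
  admin = User.new(1, true)
  alice = User.new(2, false)
  draft = Post.new(10, alice.id, false)
  live  = Post.new(11, alice.id, true)
  [admin, alice, draft, live]
end

if __FILE__ == $PROGRAM_NAME
  admin, alice, draft, live = sample_data
  puts "alice can update draft: #{policy(alice, draft).update?}"   # true
  puts "alice can update live:  #{policy(alice, live).update?}"    # false
  puts "admin sees #{policy_scope(admin, Post, [draft, live]).size} posts, " \
       "alice sees #{policy_scope(alice, Post, [draft, live]).size}"
  begin
    authorize(alice, live, :destroy)
  rescue NotAuthorizedError => e
    puts "controller would render 403: #{e.message}"
  end
end
```

In a view, the same predicates drive conditional rendering: `policy(current_user, post).destroy?` decides whether the delete button is shown, while the controller's `authorize` call remains the check that actually blocks the request.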
The library integrates with Rails and works alongside standard Rails conventions. It includes a generator command that scaffolds a base policy file with sensible defaults. Views can also check policy rules to conditionally show or hide edit and delete buttons. Pundit stays intentionally minimal: no database schema, no configuration file, no UI. All permission logic lives in your own policy classes.
Where it fits
- Add role-based access control to a Rails app so admins can delete posts but regular users can only edit their own content.
- Restrict which database records a user can see in list views using Pundit scope classes.
- Show or hide edit and delete buttons in views based on the current user's permissions.