From c8f990e319c02a364ef00033c47d8219290d3298 Mon Sep 17 00:00:00 2001
From: Andreas Nedbal <git@pixelde.su>
Date: Fri, 18 Nov 2022 22:50:35 +0100
Subject: [PATCH] Set up Pundit

---
 Gemfile                                   | 2 ++
 Gemfile.lock                              | 3 +++
 app/controllers/application_controller.rb | 1 +
 3 files changed, 6 insertions(+)

diff --git a/Gemfile b/Gemfile
index 1aa832ec..c20b4ef2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -109,3 +109,5 @@ gem "omniauth-rails_csrf_protection", "~> 1.0"
 gem "net-smtp"
 gem "net-imap"
 gem "net-pop"
+
+gem "pundit", "~> 2.2"
diff --git a/Gemfile.lock b/Gemfile.lock
index 08748a15..90b65a5e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -304,6 +304,8 @@ GEM
     public_suffix (4.0.7)
     puma (6.0.0)
       nio4r (~> 2.0)
+    pundit (2.2.0)
+      activesupport (>= 3.0.0)
     questiongenerator (1.0.0)
     racc (1.6.0)
     rack (2.2.4)
@@ -550,6 +552,7 @@ DEPENDENCIES
   pg
   pghero
   puma
+  pundit (~> 2.2)
   questiongenerator (~> 1.0)
   rails (~> 6.1)
   rails-controller-testing
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f38b68e5..530d7b94 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::Base
+  include Pundit::Authorization
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception