add pundit

Gemfile

@@ -52,3 +52,5 @@ group :test do
 end
 
 gem "faker", "~> 2.21"
+
+gem "pundit", "~> 2.2"

Gemfile.lock

@@ -209,6 +209,8 @@ GEM
     pg (1.4.1)
     puma (5.6.4)
       nio4r (~> 2.0)
+    pundit (2.2.0)
+      activesupport (>= 3.0.0)
     racc (1.6.0)
     rack (2.2.4)
     rack-test (2.0.2)
@@ -335,6 +337,7 @@ DEPENDENCIES
   omniauth-google-oauth2 (~> 0.8.2)
   pg (~> 1.1)
   puma (~> 5.0)
+  pundit (~> 2.2)
   rails (~> 7.0.3, >= 7.0.3.1)
   rails-erd (~> 1.7)
   redis (~> 4.0)

app/policies/application_policy.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+class ApplicationPolicy
+  attr_reader :user, :record
+
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+
+  def index?
+    false
+  end
+
+  def show?
+    false
+  end
+
+  def create?
+    false
+  end
+
+  def new?
+    create?
+  end
+
+  def update?
+    false
+  end
+
+  def edit?
+    update?
+  end
+
+  def destroy?
+    false
+  end
+
+  class Scope
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      raise NotImplementedError, "You must define #resolve in #{self.class}"
+    end
+
+    private
+
+    attr_reader :user, :scope
+  end
+end