Getting "unable to find policy" when using pundit and Rails 5

Question

I'm using Rails 5 and want to use pundit for authorization of my objects. I have added the gem to my Gemfile and have placed this in my application_controller.rb file

class ApplicationController < ActionController::Base

  # Needed for proper authorization
  include Pundit

And I've created an application policy file here -- app/policies/application_policy.rb

class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    @user = user
    @record = record
  end

  def index?
    false
  end

  def show?
    scope.where(:id => record.id).exists?
  end

  def create?
    false
  end

  def new?
    create?
  end

  def update?
    @record.user == @user
  end

  def edit?
    update?
  end

  def destroy?
    @record.user == @user
  end

and then I have a blank MyEventPolicy file (app/policies/my_event_policy.rb)

class MyEventPolicy < ApplicationPolicy
end

Then in my app/controllers/my_event_controller.rb file, I have

  def edit
    @my_event = MyEvent.find(params[:id]) 
    authorize @my_event

But when I invoke the above, I get an error on the "authorize" line complaining about

unable to find policy `MyEventPolicy` for `#<MyEvent id: 1, ...

What else am I missing in my setup to get this working properly?

Edit: Here is what is in my app/models/user.rb file ...

class User < ActiveRecord::Base
  has_many :assignments
  has_many :roles, through: :assignments

  def role?(role)
    roles.any? { |r| r.name.underscore.to_sym == role.to_s.underscore.to_sym }
  end

  def admin?
    role? "Admin"
  end

  def name
    name = first_name
    if !first_name.nil?
      name = "#{name} "
    end
    "#{name}#{last_name}"
  end

  def self.from_omniauth(auth)
    puts "auth id: #{auth.uid} provider: #{auth.provider}"
    user = find_or_create_by(uid: auth.uid, provider: auth.provider)
    user.provider = auth.provider
    user.uid = auth.uid
    user.email = auth.info.email
    user.first_name = auth.info.first_name
    user.last_name = auth.info.last_name
    user.oauth_token = auth.credentials.token
    user.oauth_expires = auth.credentials.expires_at.nil? ? nil : Time.at(auth.credentials.expires_at)
    user.save!
    user
  end

end

Answer 1

Shouldn't it be record and user for the update? and destroy? policy actions instead of @user/@record? Then authorize @user/@record in your controller actions, as written in the README.md

Furthermore, create specific policies to your event class in your EventPolicy instead of staying global within your application policy.