Pundit, Devise - authorization with multiple models

I am setting up authorization for two separate Devise models in a Rails application. Only the currently signed-in medical_student should be able to edit or delete their profile. Other medical_students should be able to view other medical objects, and regular users should also be able to view their profile.

Here is my code:

Policy

class MedicalStudentProfilePolicy
 attr_reader :medical_student, :medical_student_profile

 def initialize(medical_student, medical_student_profile)
  @medical_student = medical_student
  @medical_student_profile = medical_student_profile
 end

 def edit?
  @medical_student_profile.medical_student_id == medical_student
 end

 def destroy?
  @medical_student_profile.medical_student_id == medical_student
 end
end

      

Pundit user

def pundit_user
 if medical_student_signed_in?
  @medical_student = current_medical_student
 elsif user_signed_in?
  @medical_student = MedicalStudent.find params[:medical_student_id]
 end
end

      

Edit

 def edit
  authenticate_medical_student!
  authorize @medical_student_profile, :edit?
 end

      

View

- if policy(@medical_student_profile).edit?

      

This works when logged in as a user, however current medical students cannot edit their profiles. Any ideas?

+3
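The policy in the question compares `medical_student_id` with the `MedicalStudent` object itself, and its `pundit_user` builds the acting principal from `params[:medical_student_id]` when a regular user is signed in. The following is an added example, not code from the original post or from Pundit: a plain-Ruby sketch of an ownership check across two Devise models. The `Struct` stand-ins, the `show?` rule, the `resolve_pundit_user` helper and the sample records are assumptions made so that it runs without Rails.

```ruby
# Added example: plain-Ruby stand-ins (assumptions) for the two Devise models
# and the profile record, so the policy logic runs without Rails or Pundit.
MedicalStudent = Struct.new(:id)
User = Struct.new(:id)
MedicalStudentProfile = Struct.new(:id, :medical_student_id)

class MedicalStudentProfilePolicy
  attr_reader :actor, :medical_student_profile

  # actor is whatever pundit_user returns: a MedicalStudent, a User, or nil.
  def initialize(actor, medical_student_profile)
    @actor = actor
    @medical_student_profile = medical_student_profile
  end

  # Assumed view rule: any signed-in principal of either model may view.
  def show?
    !actor.nil?
  end

  def edit?
    owner?
  end

  def destroy?
    owner?
  end

  private

  # Compare id with id, and require the MedicalStudent type: the two models
  # have independent id sequences, so User 7 must not match student 7.
  def owner?
    actor.is_a?(MedicalStudent) &&
      medical_student_profile.medical_student_id == actor.id
  end
end

# Hypothetical pundit_user helper: return the principal that is actually
# signed in, never a record looked up from request parameters.
def resolve_pundit_user(current_medical_student, current_user)
  current_medical_student || current_user
end

# Constructed sample data.
OWNER   = MedicalStudent.new(7)
OTHER   = MedicalStudent.new(8)
VISITOR = User.new(7) # same numeric id as OWNER, different model
PROFILE = MedicalStudentProfile.new(1, 7)
```

In a controller, the same idea would have `pundit_user` return `current_medical_student || current_user`, so the policy always receives the authenticated principal.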