Skip to content

Instantly share code, notes, and snippets.

@JamesHayton
Created April 21, 2010 09:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save JamesHayton/373634 to your computer and use it in GitHub Desktop.
Save JamesHayton/373634 to your computer and use it in GitHub Desktop.
<% if can? :destroy, @comment %>
<%= link_to 'Delete', comment_path({:id => comment.id}), :confirm => "Are you sure?", :method => :delete %>
<% end %>
# Example 1 - Something That Works
# This Works When Logged In As Member JamesHayton As Expected. When I Log Out, I Can't Delete Comments!
# Bad News Though Is That This Isn't Quite Complete. I Need To Match My Comment Author To My Logged In Member Name
# Notice: I Will Use The Unique ID Later. Just Using A String To Test It Out. See Next...
class Ability
include CanCan::Ability
def initialize(member)
member ||= Member.new #Guest
can :read, :all
can :destroy, @comment, do |comment|
Rails.logger.info "Ability Class: #{member}"
member.member_name == "JamesHayton"
#comment.author == "JamesHayton"
end
end
end
# Example 2 - Something That Doesn't Work
# Notice On The :destroy Ability, I Am Using An Instace Variable Because Just Using The Class Didn't Work For Some Reason.
# This Doesn't Put Anything In My Log And The Delete Link Does Not Show Up. I Can't Quite Figure This Out. See Next...
class Ability
include CanCan::Ability
def initialize(member)
member ||= Member.new #Guest
can :read, :all
can :destroy, Comment, do |comment|
Rails.logger.info "Ability Class: #{member}"
member.member_name == "JamesHayton"
#comment.author == "JamesHayton"
end
end
end
# Example 3 - Something Else That Doesn't Work
# In This Example, I Try Saying If The Passed Comment's Author Equals My Name To Allow Me To Delete. I Am Obviously Not Using
# Any Authentication Here. Just Trying To Get Accesss To The Comment To Test If I Can Limit The Ability To Delete Based On Some
# Value That The Comment Has. No Dice. Nothing Seems To Get Passed As In Example 2 Above, Which Again I Can't Figure Out Why.
# Note: If I Change This Back To An Instance Variable, I Get An Undefinted "Author" Error. See Next...
class Ability
include CanCan::Ability
def initialize(member)
member ||= Member.new #Guest
can :read, :all
can :destroy, Comment, do |comment|
Rails.logger.info "Ability Class: #{member}"
#member.member_name == "JamesHayton"
comment.author == "JamesHayton"
end
end
end
# Example 4 - What I Am Trying To Do
# I Basically Just Want To Check If The Currently Logged In Member Is The Same As The Author Of The Comment And If So, Allow That Member
# The Ability To Delete The Comment. I Thought This Would Work And Believe It Should, But I Am New To Rails And Ruby So I Might Be Missing
# Something Simple Here. I Tried To Browse The Source, But I Couldn't Find Anything That Was Active Record Specific With Regards To This.
# I Found Stuff That For The Build And Authorize Resource Methods, But As Far As I Can Tell, I Am Not Using Them Here. Any Help Would Be
# Much Appreciated.
class Ability
include CanCan::Ability
def initialize(member)
member ||= Member.new #Guest
can :read, :all
can :destroy, Comment, do |comment|
comment.author == member.member_name
#Or This If Needed Based On Something I Saw In The Railscast Episode
comment && comment.author == member.member_name
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment