Created
November 14, 2012 11:11
-
-
Save littlemove/4071576 to your computer and use it in GitHub Desktop.
CanCan, Rolify and RailsAdmin took my baby away
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Ability | |
| include CanCan::Ability | |
| def initialize(user) | |
| user ||= User.new | |
| if user.has_role?(:metadmin) | |
| can :manage, :all | |
| can :manage, Carousel, market_id: user.market_id | |
| elsif user.has_role?(:editor) | |
| can :access, :rails_admin | |
| can :dashboard | |
| # Here'll be dragons: | |
| # | |
| # What I'm trying to accomplish here? | |
| # | |
| # Provided a user with a role like :director, director_instance | |
| # (see Rolify README for more info on that matter), I want the | |
| # user to be able to edit only that director_instance (via | |
| # RailsAdmin) | |
| # Why I'm doing this like I am? | |
| # | |
| # Good question. | |
| # According to CanCan's documentation, when using blocks to | |
| # define abilities, we cannot fetch records if we do not provide | |
| # the WHERE clause (for the SQL which is going to retrive the | |
| # records) explictly. | |
| # https://github.com/ryanb/cancan/wiki/Defining-Abilities-with-Blocks | |
| can [:index, :edit], Director,[""] do |director| | |
| user.has_role? :director, director | |
| end | |
| end | |
| cannot :export, :all | |
| cannot :create, [Carousel, Location] | |
| cannot :edit, Location | |
| cannot :destroy, Director | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment