cancan

问题 I have the following Ruby conditional: <% if can? :read, %w(policy journey crash user).map(&:to_sym) %> Which I want to translate to: if the user has read permissions for any of the resources in the array. However it always returns false. How can I fix it? I don't want to do: if can? :read, :policy || can? :read, :journey || etc... 回答1: Sure you can. Enumerable#any? is exactly what you're looking for: <% if %i(policy journey crash user).any? { |action| can? :read, action } %> The above will

问题 I'm using CanCan for authorization. I define the model-action-user rules in /app/config/ability.rb and it's working fine. I've added the line load_and_authorize_resource to my application_controller, and everything's done. However, I also have numerous views and controllers that don't have a model underneath. For example, trying to load a statistics page gives NameError (uninitialized constant Statistic): activesupport (3.2.3) lib/active_support/inflector/methods.rb:229:in `block in

问题 I followed this link to figure out how to have an admin approve a new user. I have an approved attribute on my User model that is a boolean. 2 problems - 1) when I'm logged in as admin and go to the edit user via the link_to "Edit", edit_user_path(user) to change approved user - the url is for the correct user but then the update action tries to update the current admin user. 2) I would prefer to have the override of the needed current password so I've put a method in the Registrations

问题 Using devise, what is the best way to have multiple models or roles? Here are the models or roles I need in my app: -Author: can upload content to the site -Customer: pays a monthly fee to access the content A user can be both an Author and a Customer. I think they can share the same login form because they will both log in with their email address. I have tried using CanCan and rolify, but couldn't figure out how to add different roles during registration. When a user registers as an Author,

问题 Update: see end of post for how the specs now work now that I have my specs in spec/requests instead of spec/controllers. Still wondering how to get a valid signed in user for integration tests with my controllers. I'm working with Devise and CanCan for the first time and am having difficulty doing the most basic of integration tests whereby I'm verifying that a logged in user is...well...logged in. I have read countless posts and answers dealing with Devise and RSpec integration tests (i.e.

问题 I'm trying to apply a rule to an ability class Each user in my application (except admins, but we'll ignore that) belongs_to a practice, defined in another model. The practice may want to be suspended from access for one reason or another. I want to say in my ability model if user.practice.suspended? can :read, Client, :practice_id => user.practice_id else can :manage, CLient, :practice_id => user.practice_id etc.... But for some reason, whilst I can use user.practice_id in the ability model

问题 I'm trying to apply a rule to an ability class Each user in my application (except admins, but we'll ignore that) belongs_to a practice, defined in another model. The practice may want to be suspended from access for one reason or another. I want to say in my ability model if user.practice.suspended? can :read, Client, :practice_id => user.practice_id else can :manage, CLient, :practice_id => user.practice_id etc.... But for some reason, whilst I can use user.practice_id in the ability model

问题 Rails 4 ships with strong_parameters, which is a great addition - but I've run into a problem with it. I have a polymorphic model Comment and I cannot for the life of me get the controller to accept the parameters it needs. Here is my code (shortened for clarity): Routes: resources :articles do resources :comments end Models: class Article < ActiveRecord::Base has_many :comments, :as => :commentable end class Comment < ActiveRecord::Base belongs_to :commentable, :polymorphic => true end

问题 I have built a small ruby webservice, in this I have implemented cancan authorization. I followed this tutorial. The problem is that, I can't find out the way to assign at the user, when they do the registration to my site, the base role level. I find out to do this with a checkbox, but it's not what I want. My idea was to put this assignment directly into the registrations_controller, but I failed to save the role. I hope that somebody can help me. Thank you. 回答1: This is what worked for me

问题 long time reader first time user. I'm putting together my first RoR application and I've isolated everything my app should use down to:- Sorcery Omniauth CanCan twitter-bootstrap (converted to sass) and Simple Forms. Clean, clear and simple....Not. Cannot for the life of me integrate (what would seem to be the most simplest of tasks) simple forms with a Sorcery "Login" without getting errors on the 'remember_me' field. Simple forms doesn't have a simple_form_tag (only simple_form_for) option