cancan

问题 How would I go about defining abilities for several devise models? 回答1: Let's assume your app has two separate Devise-powered user models called User and Admin . This means you use methods like current_user and current_admin side by side. Let's further assume that you only have/want a single Ability class, which contains all your CanCan permission settings... class Ability include CanCan::Ability def initialize(user) user ||= User.new case user when User can :create, Comment can :read, :all

问题 I'm quite new to this and I'm using cancan + devise for my user auth. However I'm not really sure what it means to set up a typical users HABTM roles relationship nor do I really understand what a HABTM relationship is. Can anyone explain it really well or point me to a good tutorial or example? 回答1: HABTM means has and belongs to many. You basically need a table as a middle man to track multiple id's (called a through table). When referenced as a typical users HABTM roles relationship, they

问题 What exactly is happening when I do: @patient.course_enrollments.accessible_by(current_ability) What seems to happen is I get course_enrollments where course.client_id = user.client.id , I just don't understand how accessible_by works. # ability.rb can :manage, CourseEnrollment, :course => {:client_id => user.client.id} 回答1: accessible_by gives you a scope that includes only those records which you'd be able to access given the current_ability . Since you stated that the :manage ability on

问题 How can i use scoping with active admin & cancan. I have admin users & those have (has_one) relation with institution and institution has many profiles Now when admin user login then i want display all profiles which has same institution. Doesn't find following link much helpful. http://activeadmin.info/docs/2-resource-customization.html#scoping_the_queries 回答1: if you just do simply this, do you get a problem? # ability.db def initialize(user) case # ... when user.super_admin? can :manage,

问题 I have model user from devise belongs_to :role Here i want to save the id of role name in database so that if first the role is guests is involve to many user. Later on if admin edit the guests to guest then problem occurs. so <% if can? :manage, @users %> <%= f.collection_select :role_id,Role.all, :id, :name ,:prompt => 'Select Role'%> <% end%> like this to work. How can i do? as i did like this in other model but in user model of devise it its not working, 来源： https://stackoverflow.com

问题 I am developing an app using Devise, Rolify and CanCan. Can I shift it completely to be administered by ActiveAdmin. Is there any documentation for that? 回答1: I know it's been a while since the question was asked... but as I found it while doing a google search, I think I can post an answer to help others. So! There is a documentation to make ActiveAdmin use Cancan for its authentication and authorization system. Here is a very simple how to add a CancanAdapter in ActiveAdmin In fact they

问题 I would like to write a test to make sure that "expert" users can create articles, and "basic" users cannot. For example, basic user cannot go here: "http://0.0.0.0:3000/articles/new" . Below is a shortened version of my articles controller, followed by the articles test. The controller works, but I would like the test to prove it out. I'm not sure what to put where it says "code goes here". Thanks. articles_controller: class ArticlesController < ApplicationController load_and_authorize

问题 I am trying to create rspec test for ability class. I successfully wrote the ability for the admin and testing this, but I don't know how write the test for the login user(login user can only update and destroy its own comments). This is ability.rb: class Ability include CanCan::Ability def initialize(user) user ||= User.new if user.admin? can :manage, :all else can :read, :all can :create, :update, :destroy, Comment, user_id: user.id end end end and this is ability_spec.rb: require 'rails

问题 In Rails 3 application I have 2 logical entities - User and Company. I'd like to have 2 different forms for sign up(for users and for companies). Also, will be great to have one login form for both of them. What I have now - configured Devise+Cancan for User model with two roles(user, company), so I have now "/users/sign_in" and "/users/sign_up". I'd like to have following urls in my application: /login /users/signup /companies/signup One other question is how to organize relationship between

问题 I just followed the tutorial "https://github.com/EppO/rolify/wiki/Tutorial" its very nice and working fine. But my question can't we add Role through form with out using Rails console. <div class="field"><%= user_form.label :email %><br /> <%= user_form.email_field :email %></div> <div class="field"><%= user_form.label :password %><br /> <%= user_form.password_field :password %></div> <div class="field"><%= user_form.label :password_confirmation %><br /> <%= user_form.password_field :password