问题
I want only the people who created an object e.g. a registry to see something =, but struggling to define everything with Devise
Here is the code:
<% if user_signed_in? && ***"current_user = registry the user created?"?(struggling with the second part)*** %>
Thanks in advance
P.S. I'm using cancan, but this will not help in my show page where I want to show page.
回答1:
This is not part of devise but of cancan.
You need to define the ability inside your cancan ability file:
user ||= User.new
can :read, Registry, :user_id => user.id
This way cancan's authorize method will allow you to do stuff like this:
@registry = Registry.find(params[:id])
authorize! :read, @registry
Obviously authorize! will throw an error if the user has no access to this resource.
If you simply want to check this in the view the registry you use:
<% if can? :read, @registry %>
do your thing here
<% end %>
By the way, all of this is documented on the cancan frontpage: https://github.com/ryanb/cancan
来源:https://stackoverflow.com/questions/11190259/if-questions-with-devise-and-rails