[Rails] Re: cancan roles issue

Tue, 02 Jul 2013 01:37:44 -0700 

if user.role? :admin looks strange. the .role? indicates that it is a 
boolean, no?

On Monday, July 1, 2013 6:22:46 PM UTC-4, Phil wrote:
>
> Rails 3.2.11
> Ruby 2
>
>
> Hi,
>
> I am building my first rails app and decided to use Devise(2.2.4) and 
> Cancan(1.6.10) for auth and role management. The auth part works nicely but 
> I haven't been able to get cancan working correctly. I have one role 
> setup(admin). But when I try view the users index page it redirects me to 
> the homepage even though I'm an admin. ANy advice on where I may be going 
> wrong is most welcomed. 
>
> Here is my code:
>
> # app/models/ability.rb
> class Ability
>
>   include CanCan::Ability
>
>   def initialize(user)
>     user ||= User.new # guest user (not logged in)
>     if user.role? :admin
>       can :manage, :all
>     else
>       can :read, :all
>     end
>   end
> end
>
>
>
> # app/controllers/users_controller.rb
> class UsersController < ApplicationController
>
>   load_and_authorize_resource
>   before_filter :authenticate_user!
>
>   def index
>     @users = User.all
>     authorize! :manage, @users
>
>     respond_to do |format|
>       format.html
>       format.json  { render :json => @users }
>     end
>   end
> end
>
>
>
> # app/controllers/application_controller.rb
> class ApplicationController < ActionController::Base
>
>   protect_from_forgery
>
>   def after_sign_in_path_for(resource)
>     root_url
>   end
>
>   rescue_from CanCan::AccessDenied do |exception|
>     redirect_to root_url, :alert => exception.message
>   end
>
>   def current_ability
>     @current_ability ||= Ability.new(current_user)
>   end
>
>   #load the permissions for the current user so that UI can be manipulated
>   def load_permissions
>     @current_permissions = current_user.role.permissions.collect{|i| 
> [i.subject_class, i.action]}
>   end
>
> end
>
>
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to rubyonrails-talk+unsubscr...@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/rubyonrails-talk/6a428d60-4200-4545-9883-b8cda039385d%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to