trestle icon indicating copy to clipboard operation
trestle copied to clipboard

Published 20 hours ago verified publisher icon TrestleAdmin

Is it possible to connect CanCanCan with Trestle?

Open rcholody opened this issue 5 years ago • 2 comments

I have used CanCanCan to limit specific action on admin dashboard based on role. I would like to limit some specific CRUD operations on specific model. Is it possible to also render different content on specific role? I have specified ability.rb with for example:

user can :read, Company, id: user.companies.pluck(:id)

and connect load_and_authorized_resource in controller.rb. When I have used command Company.accessible_by(ability) in IRB it give me correct feedback. But how can I connect this functionality to Trestle?

rcholody avatar Dec 06 '19 15:12 rcholody

Might help you:

https://github.com/TrestleAdmin/trestle-auth/issues/21 https://github.com/TrestleAdmin/trestle/issues/45

No real support at the moment, but it's planned.

dmitry avatar Feb 03 '20 07:02 dmitry

Is not the correct way, but in development works.

# app/admin/users_admin.rb

Trestle.resource(:users) do
  menu do
    item 'Users', icon: 'fa fa-user', group: :agenda
  end

  scope :all, default: true
  
  controller do
    def show
      @user = User.find(params[:id])
      authorize! :read, @user
    end
  end

# app/models/ability.rb
class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)

    can :create, User
    can %i[read update destroy], User, id: user.id
    can :create, Annotation
    can %i[read update show destroy], Annotation, user_id: user.id
  end
end

RuanAyram avatar Apr 03 '22 04:04 RuanAyram