cancan
cancan copied to clipboard
ryanb
Authorization Gem for Ruby on Rails.
... along with several other methods, in particular `apply_finder_options`, which could be used to emulate it. It seems a complete rewrite of the ActiveRecord adapter is in order.
Let's say you have this hypothetical order controller: ``` class OrderController < ApplicationController load_and_authorize_resource :user load_and_authorize_resource :payment_method, through: :user def new ... end end ``` You want the User to...
Setup: a place habtm clients (pure join table), a client account has many clients. Client Account Abilities defined like this: ``` can :manage, Place, :clients => { :id => client_ids...
In Rails 3.2, the default recommendation is now to through an exception on mass-assignment of protected attributes in development and test environments. In CanCan, even if one protects attributes, it...
``` ruby cannot :read, Foo can :read, Foo, ["bar_id = ?", user.bar_id] do |foo| foo.bar_id == user.bar_id end ``` yields `undefined method '%' for ["bar_id = ?", 2]` while ```...
I have a large number of controllers and so started to use the following format in ability.rb can :manage, [User, Currency, Vacation, Account, etc.] However, I got some inconsistent behaviours...
Just a heads up, I've spent a few hours trying to workout why two model checks with can? were returning true, despite only one was set for the user. Take...
This was working and now it's not. No idea why or how.
In wiki we can read: Important: If a block or hash of conditions exist they will be ignored when checking on a class, and it will return true. For example:...
Hi, I've got this code in Rails 3.2.11 project with CanCan 1.6.8: Ability model: ``` ruby if user.is_super_admin? can :manage, User cannot :manage, User, :rank => "root" end ``` in...
