0

I'm working on a Rails 4 app and im trying to come up with a solution. I was wondering how i could implement CanCan to allow users to access certain data. Such as a guest can only view certain parts of the content. An owner can have full access to the content and a collaborator could have partial access.

My app consists of a

User
 - Developer
 - Organization

Developer
 - Has many apps on its own
 - Has many organizations as founder or collaborator

Organization
 - Has many founders and collaborators
 - Has many apps

How can i restrict this to guests who aren't logged in can view some aspects of a developer/organization/app profile, founders has full access to the organization, owners of apps have full access and collaborators have some access. Does this make sense?

ny95
  • 680
  • 5
  • 17

1 Answers1

2

cancan only works with current_user method. I dont no if there is a way to customize this

the code example below can guide you through managing contents by only the owner

 class Ability
      include CanCan::Ability

      def initialize(user)
        user ||= User.new # guest user (not logged in)
            if user.admin?
               can :manage, :all
            else
              can :read, Content
            end

        if user
          can :create, Content
          can :manage, Content do |content|
            content.try(:user) == user
          end
        end
      end
    end
Uchenna
  • 4,059
  • 6
  • 40
  • 73