Ror: cancancan hide index page on specific users type

Question

I got an issue with cancancan gem and inherited tables on Ruby on rails. My account model has multiple inherited models Teacher < Account, Director < Account which have different abilities.

Here are my rules: "in ability.rb"

if account.director?
  can :manage, Account, profile: [ :teacher, :director ]
end

if account.teacher?
  can :manage, Account, profile: [ :teacher ]
end

My route file looks like:

resources :directors, controller: :accounts, profile: :director
resources :teachers, controller: :accounts, profile: :teacher

When I'm logged in as a teacher and I go to /directors (index page), Cancan should raise a Unauthorized::AccessDenied message instead of displaying the directors page.

I probably missed something in the doc. Is someone could enlighten me?

Thanks

Eraden · Answer 1 · 2015-01-24T15:55:32.447

0

Accouding to this:

can :read, Project, :active => true, :user_id => user.id

Something like that inside Ability class should match Rails STI sub-class:

can :manage, Account, type: 'Teacher'

edited Jan 24 '15 at 15:55

answered Jan 24 '15 at 15:48

Eraden

2,818
1
19
17

Ror: cancancan hide index page on specific users type

1 Answers1