Questions tagged [cancan]

The CanCan gem offers a straightforward and flexible way to define what a user can and cannot do.

CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access.

CanCan uses a model to define the abilities of a user. Inside the class you declare what a user can and cannot do by using the "can" method. From your controllers you use the "can?" method to test the current user's authorization.

Development on CanCan is no longer active; it has been continued under the new name CanCanCan.

1405 questions
0
votes
1 answer

ActiveAdmin and CanCan

I'm utilizing roles within AdminUsers inside Active Admin and am using CanCan to define access across different resources. It's working well with regards to limiting access, but I'm running into trouble hiding menus based on role. According to the…
RailsTweeter
  • 1,625
  • 3
  • 18
  • 33
0
votes
1 answer

Rails CanCan and Scoped attr_protected

I've got a Rails 3.1 app using CanCan 1.6. I'm protecting a variety of attributes with attr_protected ... :as => :api. I'd like to use load_and_authorize_resource, but also to strip off the protected fields. Any ideas? EDIT: Here's my current…
ideaoforder
  • 1,023
  • 2
  • 9
  • 23
0
votes
1 answer

Cancan and devise not working

I've modified my devise table, User, to have a clearance column. This column is a number (1-3) that represents a user's permissions (read, read/write, full control). Unlike all the examples I'm reading, my Clearance (Role in the examples) is not a…
Dylan Taylor
  • 69
  • 1
  • 8
0
votes
1 answer

Authorize user actions

I'm using CanCan to authorize users' actions, and it works well, but now I need to display a message to the user. For example, the user clicks on the 'comment' button, and cancan checks for the following conditions: User is activated User is not banned User…
Alex
  • 2,309
  • 2
  • 16
  • 20
0
votes
1 answer

Nested Resources vs/and/or CanCan?

I am using Rails 3 with the CanCan gem. The models Users and Networks are a has_many :through => Roles. This part works fine. Currently I am using CanCan so that on the /networks page it will only display a network if a user has access to it. This…
dewyze
  • 979
  • 1
  • 7
  • 21
0
votes
1 answer

CanCan, Devise and the "current_user"

I have a simple setup with Cancan and Devise. I wanna show the edit button only to "Admins" and Users who own the "location". So in the show.html.erb I have <% if can? :manage, location, :user_id == current_user.id %> <%= link_to 'Edit',…
Jan
  • 12,992
  • 9
  • 53
  • 89
0
votes
3 answers

How can I use ".has_role?" from Rolify within Tabulous?

I have an app that uses Rolify, Devise, CanCan, and Tabulous. In my tabulous.rb file, I want to be able to define the Visibility? of a tab by calling: (current_user.has_role? :admin) So the config.tabs do will look something like this: # TAB NAME |…
FilmiHero
  • 2,306
  • 7
  • 31
  • 46
0
votes
1 answer

Rails 3: Project-based permissions

I am building an internal project management software (ala Basecamp) that will be for our internal and external use. I am struggling to find the best strategy for doing advanced permissions though. Like Basecamp, there will be a number of clients,…
John R
  • 301
  • 3
  • 14
0
votes
1 answer

can not use cancan

I am following rails casts episode 192 for cancan (http://railscasts.com/episodes/192-authorization-with-cancan?autoplay=true). I have ruby 1.9.3 and rails 3.2.3. My gem file has this content: group :test, :development do gem 'rspec-rails', '~>…
0
votes
1 answer

uninitialized constant ApplicationController::CanCan (NameError) in production

I'm using nginx + unicorn in production, and I've got the following error in log/unicorn.log, but it works fine on localhost (in both environments, development and production): I, [2012-07-01T19:20:39.905978 #15422] INFO -- : Refreshing Gem list E,…
ck3g
  • 5,829
  • 3
  • 32
  • 52
0
votes
2 answers

Cancan Ability Issue with Inheritance

I'm having problems restricting the data shown to a specific user group using cancan. My Users have many Products. And Products have many Vouchers. In my routes.rb I have this: resources :products do resources :vouchers end In ability.rb: can…
simonmorley
  • 2,810
  • 4
  • 30
  • 61
0
votes
1 answer

cancan and views testing with capybara

Sorry for my English. I have a problem while testing views with capybara. Capybara can't view the elements validated with cancan. I have this in my tests, to simulate that the user has permissions for all: before(:each) do permission =…
el_quick
  • 4,656
  • 11
  • 45
  • 53
0
votes
1 answer

If questions with Devise and Rails?

I want only the people who created an object e.g. a registry to see something =, but struggling to define everything with Devise. Here is the code: <% if user_signed_in? && ***"current_user = registry the user created?"?(struggling with the second…
Erin Walker
  • 739
  • 1
  • 11
  • 30
0
votes
2 answers

How to disallow user actions in CanCan

In my ability.rb file, how can I set it so that only defined users can do things, else (an undefined/not logged in user) cannot do anything? Example: def initialize(user) user ||= User.new #not logged in user if user.admin_user? can…
dwmcc
  • 1,034
  • 8
  • 19
0
votes
1 answer

Assign user roles with CanCan?

I've set up an application with two basic user roles. An admin who can manage everything and a normal user and can create things (jobs & clients) but can not delete. I'm a bit stumped though as to how can assign roles to the users. I assume it would be…
Keva161
  • 2,623
  • 9
  • 44
  • 68