Stack Overflow
Stack Overflow

Questions tagged [cancancan]

Continuation of CanCan, the authorization Gem for Ruby on Rails.

As in the project webpage:

CanCanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the Ability class) and not duplicated across controllers, views, and database queries

453 questions
0
votes
1 answer

CanCanCan - defining abilities & syntax

I'm using Rails 4, Devise, Role Model and CanCanCan to make an app. I am trying to define abilities in my ability.rb. I am trying the following: can :read, Project, {:active => true, :closed => false && Project.sweep.disclosure.allusers =>…
Mel
  • 2,481
  • 26
  • 113
  • 273
0
votes
0 answers

Rails 4, Devise, Role Model and CanCanCan - Defining Abilities

I am using Rails 4 to make a web app. I am trying to use CanCanCan to define abilities for the various roles. I have a User model and a Profile model. Each user can have many profiles. Each profile can have a different role. In my Profile.rb, I have…
Mel
  • 2,481
  • 26
  • 113
  • 273
0
votes
1 answer

Rails, Devise, Role Model and CanCanCan - defining abilities

I am using Rails 4 to make a web app. I am trying to use CanCanCan to define abilities for the various roles. I have a User model and a Profile model. Each user can have many profiles. Each profile can have a different role. In my Profile.rb, I have…
Mel
  • 2,481
  • 26
  • 113
  • 273
0
votes
1 answer

CanCanCan: Allowing to manage only users profile

I have User model on which I use device and cancancan. Here is my ability: if user.role? :patient can :access_profile, User, :id => user.id end where access_profile alias is: alias_action :show, :edit, :update, :destroy, :to =>…
yerassyl
  • 2,958
  • 6
  • 42
  • 68
0
votes
1 answer

CanCanCan gem: Handling the case where there is no logged in user

I'm using the CanCanCan gem (v.12.0) for basic authorization. My User model does not use the concept of roles. All I am trying to do is ensure a user is logged in before they can do anything with my main model, Topic. I believe I've written my…
RobertJoseph
  • 7,968
  • 12
  • 68
  • 113
0
votes
1 answer

RoR: CanCanCan authorize only user created items

What is wrong with this code? A normal user still being able to see all relatos, when he should only see his own. My view code: <% if can? :read, Relato %> <%= relato.id %> <%= relato.cliente.name %> <%=…
Joao Carlos
  • 13
  • 4
0
votes
2 answers

User with Multiple Roles

I am creating an app where there are many Users and many Organisations. A user can be in multiple organisations, and within each Organisation they can have a single role. Currently, only 'Organisation Admin' and 'Basic User'. EDIT: For more context,…
Jaliso
  • 21
  • 8
0
votes
2 answers

How to hide checkboxes for user authorization

Good day, I am using the CanCanCan gem, an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. It is working however when users sign up, all of the options including 'admin' and 'banned' show…
achilles77
  • 325
  • 2
  • 3
  • 11
0
votes
0 answers

How to include one gem's specs into another gem's test suite

I'm trying to build a gem that adds some methods to another gem. In this case, the gem on top of which I am building is cancancan. I'm concerned, since I'll be including new methods into the CanCan::Ability module that interact with existing CanCan…
csm2115
  • 31
  • 1
  • 3
0
votes
2 answers

Why does my test try to render a different & invalid route?

I have a test that tries to view a subscription that doesn't exist. I run this test with a bunch of users from my fixtures. In the case of the user in the admin role when the app gets to the point of trying to render the response it has changed the…
Camden Narzt
  • 2,271
  • 1
  • 23
  • 42
0
votes
2 answers

Cancancan ability for specific case

I use cancancan gem for role based authorization rules. I need to preform something like: can :read, Post, Post.status = 1 This means that user can read post with status = 1. How can i do that?
Src
  • 5,252
  • 5
  • 28
  • 56
0
votes
1 answer

How to get cancancan list of abilites for current_user?

How can I get all the abilities for current_user with cancancan in a Rails application ? I've seen this topic https://github.com/CanCanCommunity/cancancan/pull/221, but who knows would be merger or not.
dsounded
  • 703
  • 5
  • 21
0
votes
2 answers

Complex conditions in CanCanCan can method

If I have user,client and request models as follows: #user.rb #client.rb has_one :user has_many :requests #request.rb belongs_to :client I use user model for CanCanCan authentication. Inside ability class i want to specify ability for…
yerassyl
  • 2,958
  • 6
  • 42
  • 68
0
votes
1 answer

Confusion between callbacks in controller?

My controller class has two before callbacks one from gem cancancan and other from within rails as: load_and_authorize_resource before_action :set_company, only: [:show, :edit, :update, :destroy] Now my questions are: 1) Is the order correct…
roarfromror
  • 276
  • 1
  • 2
  • 11
0
votes
2 answers

undefined method `total_pages'- When use load_and_authorize_resource

Am using cancancan for authorization.And am using will_paginate for table pagination. Its works fine until I add load_and_authorize_resource in controller. When using load_and_authorize_resource in controller, will_paginate throws…
Raj
  • 950
  • 1
  • 9
  • 33
1 2 3
30 31