Stack Overflow
Stack Overflow

Questions tagged [cancancan]

Continuation of CanCan, the authorization Gem for Ruby on Rails.

As in the project webpage:

CanCanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the Ability class) and not duplicated across controllers, views, and database queries

453 questions
0
votes
1 answer

Facing issues in using cancancan with authlogic in rails4

gem 'authlogic' gem 'cancancan', '~> 1.10' in my gem file. I have given this in my ability.rb class Ability include CanCan::Ability def initialize(employee) employee ||= Employee.new alias_action :create, :read, :update, :destroy, :to…
Dinshaw Raje
  • 933
  • 1
  • 12
  • 33
0
votes
1 answer

Cancancan authorisation of nested resources

I've an Account model which "has many" Users and also "has many" Meters. The Meter object has an account_id column so it's easy to define an ability for this in Cancancan: if user can :crud, Meter, :account_id => user.account_id end However, a…
Joe Czucha
  • 4,123
  • 2
  • 20
  • 28
0
votes
1 answer

Rails 4: cancan not able to view the edit or delete for comments

After using cancan not able to view edit or delete in the comments,comments are related to jobs. user ||= User.new # guest user (not logged in) if user.admin? can :access, :rails_admin # only allow admin users to…
Nike
  • 61
  • 9
0
votes
2 answers

CanCanCan gem with Devise + Omniauth Ruby on Rails

Im using an Omniauth + Devise authentication system, where the user can register with his e-mail + password or with his Google+ account. Now I need to use CanCanCan gem to check if the user that is loging in has permissions to go to the after login…
Miguel Rebola
  • 120
  • 1
  • 2
  • 12
0
votes
1 answer

Authorizations and Groups with Rails and CanCanCan

I have a User and an Organization model with a many-to-many association, via a Membership model. Users (there are no roles) should only be able to create, read, and update Organizations to which they belong as members. I've put the following in…
zapatos
  • 285
  • 4
  • 12
0
votes
1 answer

cancancan ability with rails 4.0

I am using cancancan authentication mechanism in my rails application. I want only those users who are owner of their own posts and comments t be edited and deleted , and admin to manage all the things. my admin ability is working fine but others…
kali
  • 133
  • 1
  • 7
0
votes
1 answer

how to use cancancan with displaying certain aspect of a page to certain users

I am new to ruby on rails, i am using rails 4 and cancancan, i also using Devise gem. i have 4 different users, Admin, School, Franchise Owner, and regular users, i have an ability model which has this in it: `class Ability include…
Edgar
  • 543
  • 10
  • 20
0
votes
1 answer

Pagination with CanCan block

With will_paginate or Kaminari you can paginate with scopes and CanCanCan. Explained here, How to do pagination with cancan? But that only explains how to do it if your CanCan ability uses hashes. That won't work if you use a block. Which I…
bfcoder
  • 3,042
  • 2
  • 28
  • 35
0
votes
1 answer

Using Vanity URLs and CanCanCan gem (load_and_authorize_resource error)

I'm attempting to use Vanity URLs in my Rails app so that instead of an ID, the username is shown. I've created the slug so that the username is used in the url instead of the id (everything works here ok), the issue I'm facing occurs when I try to…
Kyle Bachan
  • 1,053
  • 2
  • 15
  • 33
0
votes
1 answer

Rails + CanCan: Disallow User from Joining a Group if Already a Member

I have a Rails app, using CanCan for authorization. I have Users that can have Memberships in Groups. I would like to create a CanCan rule that authorizes a user to create a group membership only if they are not already a member of that group. So…
SingleShot
  • 18,821
  • 13
  • 71
  • 101
0
votes
1 answer

Ror: cancancan hide index page on specific users type

I got an issue with cancancan gem and inherited tables on Ruby on rails. My account model has multiple inherited models Teacher < Account, Director < Account which have different abilities. Here are my rules: "in ability.rb" if account.director? …
maxencenoel
  • 23
  • 7
0
votes
1 answer

Cannot access attribute in ActiveRecord

I want to bring CanCanCan to my Rails app but I fail at read the role attribute of my user-class. I only need a "one role per user" solution so I added a column 'role' to my user model and migrated it successfully but when I try to read the…
ofhouse
  • 3,047
  • 1
  • 36
  • 42
0
votes
1 answer

Defining a complex ability using CanCanCan

In my data model: Company has_many offices Employee has_many offices, through: :employee_office (this is how I am allowing Company administrators to permission employees for certain offices and not others) Office has_many appointments and…
jackerman09
  • 2,492
  • 5
  • 29
  • 46
0
votes
1 answer

CanCan(Can) and Activeadmin: Index on nested relations

I am using CanCan(Can) together with ActiveAdmin. However, I am seriously struggling to get CanCan(Can) to work properly on index for a “has_many through” relationship. Basically my Invoice model looks like this class Invoice < ActiveRecord::Base …
charliez
  • 163
  • 2
  • 14
0
votes
2 answers

Multiple Devise users or one user and permissions with CanCanCan?

What is the preferred way to achieve two types of users (Client, Admin) with different attributes and behaviors? Having two types of users created by Devise or having just one User model and setting permissions via CanCanCan? Thanks
gonzalomelov
  • 971
  • 1
  • 13
  • 30
1 2 3
30 31