Stack Overflow
Stack Overflow

Questions tagged [cancancan]

Continuation of CanCan, the authorization Gem for Ruby on Rails.

As in the project webpage:

CanCanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the Ability class) and not duplicated across controllers, views, and database queries

453 questions
3
votes
2 answers

fetching logged in user associated record in rails_admin

I have installed rails_admin gem without any error its display models crud too,but i have requirement in which i need to show current_user logged in associated data e.g User has many Books so in rails admin i want only that user book but…
uzaif
  • 3,511
  • 2
  • 21
  • 33
3
votes
1 answer

CanCanCan for custom controllers with not models

I know how to restrict access for RESTful applications with CanCan in Rails 5. Some of my actions and controllers are not RESTful. For example I have a report_controller with a user_report method. There is no model directly linked to this…
almo
  • 6,107
  • 6
  • 43
  • 86
3
votes
1 answer

Controller Test, user need to login in every test-unit

I want to test appointments_controller but a user needs to sign in to create an appointment. I use cancancan, how can the user automatically login in a test unit? Here is my code test/controllers/appointments_controller_test.rb include CanCanCan …
Peter
  • 719
  • 1
  • 8
  • 19
3
votes
0 answers

Ruby / Rails CanCanCan Rolify ActiveAdmin

I am using RoR, CanCanCan, Rolify, and ActiveAdmin. I can log in and see pages, but cannot login as admin. I am not sure what I am doing wrong here. admin/dashboard.rb ActiveAdmin.register_page "Dashboard" do menu priority: 1, label: proc{…
alwaysLearning
  • 33
  • 4
3
votes
1 answer

using session variables in CanCan with ActiveAdmin

Using Rails 4.2.1, ActiveAdmin 1.0.0pre2, CanCanCan 1.13.1 I need to use session variables as part of my CanCan authorization. The reason I want this (instead of storing the variable in the database) is to enable an admin to have different roles on…
Eli R.
  • 188
  • 11
3
votes
1 answer

CanCanCan Ability Viewing in the UI

I'm working with a large list of abilities for users with different Role types on a rails application. This is with the CanCanCan gem. It has gotten quite large, and I have non-dev users who want to be able to see a run-down of abilities for…
Nick Schwaderer
  • 1,030
  • 1
  • 8
  • 21
3
votes
1 answer

cancancan create permission not working properly with conditions hash

I want admin User to be able to create new users for this account and read, update users from this account. can [:create, :read, :update], User, id: account_users_ids is not working if account_users_ids is not en empty array. I need to split…
user1136228
  • 967
  • 9
  • 22
3
votes
2 answers

Ruby On Rails Rolify + CanCanCan + Devise allow user to edit only their posts

I have built Ruby On Rails application using Devise + CanCanCan + rolify Tutorial. Here is my Ability model: class Ability include CanCan::Ability def initialize(user) user ||= User.new # guest user (not logged in) if user.has_role?…
pavjel
  • 486
  • 10
  • 25
3
votes
1 answer

How to use CanCanCan with enum field?

I got Article model with enum field enum status: [:pending, :done]. Here's my ability file class Ability include CanCan::Ability def initialize(user) user ||= User.new if user.member? can :read, Article.done end end end In…
Alex Nikolsky
  • 2,087
  • 6
  • 21
  • 36
3
votes
1 answer

Devise and Cancancan - How to make it work?

I am making a web app (chat sort of thing) since yesterday I switched from Pundit (as it was too difficult) to Cancancan (it looked better for me). I am trying to make something simple to work such as displaying all Articles and its option (show,…
Fresz
  • 1,804
  • 2
  • 16
  • 29
3
votes
1 answer

How to test cancancan abilities in controller test with default testing framework (minitest)

In my rails app I have two user roles: 'student' and 'admin'. They have different access authorization to different pages, e.g., 'admin' can access listing users page (index) but 'student' cannot. This is controlled using cancancan. Now I am writing…
Jiasen Xu
  • 301
  • 2
  • 6
3
votes
1 answer

Using scopes in cancan, ability.rb

I'm using cancancan for authorisation. I want to allow anyone read access to users within a scope. I have this in user.rb - class User < ActiveRecord::Base scope :published, -> { describes scope, works happily } end The cancancan docs describe…
dan
  • 1,030
  • 1
  • 9
  • 24
3
votes
1 answer

Rails 4: CanCanCan abilities with has_many :through association

I have a Rails app with the following models: class User < ActiveRecord::Base has_many :administrations has_many :calendars, through: :administrations end class Calendar < ActiveRecord::Base has_many :administrations has_many :users,…
Thibaud Clement
  • 6,607
  • 10
  • 50
  • 103
3
votes
0 answers

Nested routing and authorization using CanCanCan in Rails

There is the following routing: resources :accounts, only: [:update] do get 'search', on: :collection resources :transactions, only: [:create] end Abilities: can [:update, :search], Account can [:create, :index], Transaction Controller: #…
malcoauri
  • 11,904
  • 28
  • 82
  • 137
3
votes
1 answer

cancancan load_and_authorize_resource NameError

I use the CanCanCan, Devise and Rolify gem to for authentication and permission management. But when I create a new controller I got this message: NameError in PanelController#dashboard uninitialized constant Panel My PanelController: class…
Evolutio
  • 976
  • 17
  • 37
1 2
3
30 31