Stack Overflow
Stack Overflow

Questions tagged [cancancan]

Continuation of CanCan, the authorization Gem for Ruby on Rails.

As in the project webpage:

CanCanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the Ability class) and not duplicated across controllers, views, and database queries

453 questions
0
votes
1 answer

undefined method `total_pages' error in rails4

Am using Devise for authentication and cancancan for authorization.cancancan is working fine for some controller but throws undefined method error for some screens.. assessments_controller.rb def index @projects =…
Raj
  • 950
  • 1
  • 9
  • 33
0
votes
3 answers

How do I get this if statement with && to work properly?

I have this in my view: <% if user_signed_in? && current_user.has_role? :admin or :editor %> This returns this error: syntax error, unexpected tSYMBEG, expecting keyword_then or ';' or '\n' I also tried this: <% if user_signed_in? and…
marcamillion
  • 32,933
  • 55
  • 189
  • 380
0
votes
2 answers

How do I restrict a specific scope just to users with a specific role?

So I have a Post model. My posts can be either published or unpublished. I am using Rolify, CanCanCan and Devise. What I want to happen is my :admin users, should be able to view the Post#Show action of all Posts, but my :member or guest users (i.e.…
marcamillion
  • 32,933
  • 55
  • 189
  • 380
0
votes
1 answer

Issues when using CanCan with enums with both can? and accessible_by()

I'm trying to use CanCan to restrict comments visibility on my site. In my Comment model is defined an enum: enum access_right: {nobody: 0, somebody: 1, everyone: 2} Here is an extract of my current ability.rb file: class Ability include…
User123109444
  • 1
  • 2
0
votes
1 answer

Rails - ActionController::RoutingError (No route matches [GET] "/generic.png"):

I recently updated my gemfile, and noticed the server logging the following in my dev environment - ActionController::RoutingError (No route matches [GET] "/generic.png") On production (Heroku) - I get the following - Started GET…
dan
  • 1,030
  • 1
  • 9
  • 24
0
votes
1 answer

Rails CanCan hash of conditions access denied

I'm having an issue setting up an ability that looks like this: can :read, Project, :allocate_to => user.id The problem is ability.can?(:read, my_project) returns false even though Project.accessible_by(ability) returns just the projects for that…
Mark Robinson
  • 1,479
  • 2
  • 15
  • 34
0
votes
1 answer

Deployed rails app to Heroku not working

I've created a rails app using Active Admin on Nitrous.io and all is working in that dev environment. I am using Devise/CanCanCan for authentication/authorisation When I push to heroku, and try and access Active Admin, I get the following…
bnussey
  • 1,894
  • 1
  • 19
  • 34
-1
votes
1 answer

Authorization issue with 3 types of roles using cancancan

I have the user table (created by devise), I added a role column, which can be: admin, manager and agent. And in user.rb I put an ENUM like this: class User < ApplicationRecord enum role: { admin: 0, manager: 1, agent: 2 } end I'm using cancancan…
Elton Santos
  • 571
  • 6
  • 32
-1
votes
1 answer

cancancan ability works as expected in tests, but not in practice?

I have reviews set up similar to Airbnb. These abilities should allow a guest to review a host, and a host to review a guest: # ability.rb can [:show], [Review] do |review| if review.reviewable_type == "Host" review.booking.guest_id ==…
stevec
  • 41,291
  • 27
  • 223
  • 311
-1
votes
1 answer

Rails: How to implement login and authentication where i have five different user models in rails?

I'm fairly new to rails. I'm having problem on designing the model classes. So this app will be used by 5 different users(Students, Teachers, Head and Coordinator). They each are different users to login into the website and have different…
Zaa
  • 23
  • 8
-1
votes
1 answer

Cancancan ActiveAdmin: skip authorization for :create

I'm using Cancancan for authorization in ActiveAdmin. Everything work fine except the :create. When create a new admin, cancancan will check is admin_user.id = id. However, ActiveAdmin make id = nil, so I can't create a new admin. include…
matthewng
  • 59
  • 1
  • 8
-1
votes
1 answer

Manage controllers with namespace according to user role + cancancan + rails

==> I have a website with two names spaces as below User::xyz_controller User::abc_controller Admin:xyz_controller Admin:abc_controller ==> User model with three roles admin leader consultant If the user has role leader or consultant. He should…
wish
  • 43
  • 6
-1
votes
1 answer

What is :manage, :all doing in Ruby?

I have a basic authorization class in a Rails application which looks like this: class Ability include CanCan::Ability def initialize(user) if user can :access, :rails_admin # only allow admin users to access Rails Admin can…
Vlad Balanescu
  • 664
  • 5
  • 27
-1
votes
1 answer

Different type of users with rails

I'm new in rails and want to create an app that has 3 different types of users: normal user, partners, admin what i want to do is that in the navbar you could sign up like partner or normal user and later if you are a normal user could change to…
Carlos Chiw
  • 39
  • 6
-1
votes
2 answers

Cancancan disallow Devise sign_up action

I'm trying to use cancancan to disallow access to the sign-up page for non-members. Only members should be able to create new members. I defined by ability.rb, but I don't know how I can disallow the sign_up action. This is what I tries so far: if…
bo-oz
  • 2,842
  • 2
  • 24
  • 44
1 2 3
30
31