I am writing a web app to pick random lists of cards from larger, complete sets of cards. I have a Card model and a CardSet model. Both models have a full RESTful set of 7 actions (:index, :new, :show, etc). The CardSetsController has an extra action for creating random sets: :random. # app/models/card_set.rb class CardSet < ActiveRe...
Which approach would you recommend to the following issue: My app needs to have an account with several users inputting tasks on the same account. Only one of the users (the one that opened the account) will have admin privileges. I'm thinking on using Authlogic for authentication and CanCan for determining user privileges. The point is...
Application-Stack: Rails3, CanCan, Devise, Shoulda I've got some nested Resources and want to test them with Shoulda and i get the following DoubleRenderError: Error: test: If anonymous user tries to GET index of fav_blogs should respond with 401. (BlogItemsControllerTest): AbstractController::DoubleRenderError: Render and/or redire...
I am developing a rails app and I have 2 different user's role: advanced and basic. Instead of to hide links in the basic user's views (a.i. using CanCan ) I want to manage 2 different set of views: one for the advanced user and one for basic user. Currently I am working in this way: case current_operator.op_type when 'basic' ...
Hi everybody, (sorry for my English ;) I started to use CanCan from rbates, this is awesome gem, but I have some problems: I have Scrap model and there is boolean field :published (so, it means published/not published (draft)). I have this rule in my ability.rb: can :create, [Scrap] can [:update, :destroy], [Scrap] do |object| obj...
I have a Deals controller and I have an action called popular. I have added the popular to the routes (as a collection, if it's worth the info) and I want everybody to be able to acess that page. I'm using CanCan and I have this: class Ability include CanCan::Ability def initialize(user) user ||= User.new alias_action [:...
You can get the current_user's permissions from a view or controller using can? in this fashion: <% if can? :update, @article %> <%= link_to "Edit", edit_article_path(@article) %> <% end %> How can I access this functionality from a model using this syntax: user.can?(:update, @article) ...
My application has 2 roles: Editor, and Admin. I want Editors to have some permissions, and Admins to have all editor permissions plus some other permissions. Here is an excerpt from my ability.rb class Ability include CanCan::Ability def initialize(user) if user.is_admin? can :edit, Post end if user.is_editor? ...
I have a TakeAction model that looks like this: class TakeAction < ActiveRecord::Base belongs_to :user has_many :take_action_notes attr_protected :user_id end and a TakeActionNote model that looks like this: class TakeActionNote < ActiveRecord::Base belongs_to :take_action validates_presence_of :note end Using CanCan, I...
In the documentation of cancan it shows how to fetch all accessible records (in http://wiki.github.com/ryanb/cancan/fetching-records) in this way: @articles = Article.accessible_by(current_ability) but what is current_ability? I've tried passing the current user which I'm using for authentication and authorization, but I've got this e...
Hi, I'm having issues when running the default tests in Rails3 beta4 with Cancan (http://github.com/ryanb/cancan). The tests are the plain vanilla auto-generated ones that look like test "the truth" do assert true end Every single test (both unit and functional) yields the following error : ActiveRecord::StatementInvalid: SQLite3::...
Hello, I use CanCan to check user permissions and display or suppress page content conditionally for my users. I want to cache my pages though, and even with fragment caching can't find an elegant solution... for example: cache do # much code if can? # little code else # little code # much code if can? # little cod...
I am having a strange issue with a collection_select I am using in an edit profile view in my rails application. The database IS being updated with the correct value, however the default value is not being selected for the select box when the user goes to edit their profile. I can not get a :include_blank => true or a :prompt => true t...
I am using Ryan Bate's CanCan gem to define abilities and some basic functionality is failing. I have a Product model and Products controller where my index action looks like this: def index @req_host_w_port = request.host_with_port @products = Product.accessible_by(current_ability, :index) end I get an error when I try to ret...
Hello, I have an app that uses Devise and CanCan. in the config>initializers>Abiliity.rb class Ability include CanCan::Ability def initialize(user) if user.is? :superadmin can :manage, :all elsif user.is? :user can :read, Project do |project| project && project.users.include?(user) end ...
Hello, I have two tables Users (name, email, password, instance_id, etc...) example: james bond, [email protected], 1 Instance (id, domain) example: 1, abc.com Through out the application I want to make sure James Bond only sees data that is assigned to his instance = 1 So if I have a books table with (name, desc, instance_id), he only ...
Hi folks, I'm trying to write up some cucumber tests to ensure cancan permissions are set correctly, and I'm having an odd problem: When I log in through the following code, capybara says I've logged in as expected. However, when I then go to a resource which requires the given login, I get CanCan's "not authorized" message. Capybara p...
Hello... Currently I'm using Devise & CanCan which allows me to create Users with Roles using a (Roles_Users) table. That's nice, but what I want is to Have Projects in my app and for each project for a user to possibly have a role like (Admin, Viewer, etc) IE, roles are not assigned to users but to users based on what projects the...
On my rails app I have implemented AuthLogic and CanCan. However when trying to figure out if the user can manage an article (checks if he is owner through the article.user_id) with CanCan I am running into issues. This should be straight forward I don't know what I'm doing wrong. User has_many Articles class Ability include CanCa...
Can you please walk me through the following line of Ruby/Rails? if user.role? :super_admin To fit my app, I updated it to: if user.role? :admin and that failed, but then I updated it to: if user.role? == 'admin' And it works as intended. Why is that? class Ability include CanCan::Ability def initialize(user) user |...