cancancan

How to authorize namespace, model-less controllers using CanCanCan?

£可爱£侵袭症+ 提交于 2021-01-29 04:34:15
问题 What is the correct way to authorize and check abilities for a namespaced, model-less controller using CanCanCan? After much googling and reading the wiki, I currently have #controllers/namespaces/unattacheds_controller.rb def Namespaces::UnattachedsController authorize_resource class: false def create # does some stuff end end #models/ability.rb def admin can [:create], :namespaces_unattacheds end #view/ <%= if can? :create, :namespaces_unattacheds %> # show a create form to authorized users

check_authorization causes custom devise controller to fail?

て烟熏妆下的殇ゞ 提交于 2021-01-07 02:52:34
问题 Background I have a simple app with devise and cancancan. Because I wanted to add a little bit of custom logic to the signup process, I used devise with customised controllers, which simply means devise uses the users controller (rather than devise controllers) for all of the things devise does. Problem When I add check_authorization to the application controller, and skip_authorization_check to all of the user (devise) controllers, I still get the following error raised when the user tries

check_authorization causes custom devise controller to fail?

冷暖自知 提交于 2021-01-07 02:51:41
问题 Background I have a simple app with devise and cancancan. Because I wanted to add a little bit of custom logic to the signup process, I used devise with customised controllers, which simply means devise uses the users controller (rather than devise controllers) for all of the things devise does. Problem When I add check_authorization to the application controller, and skip_authorization_check to all of the user (devise) controllers, I still get the following error raised when the user tries

rails_admin with cancan not catching access denied exception for redirect

落花浮王杯 提交于 2020-08-27 07:07:10
问题 I am using rails 5, rails_admin, devise and cancancan. Everything works correctly, but when there is access denied, it shows a 'You are not authorized to access this page' error screen. I want to redirect to root_path, I've been searching and I only found that I have to write in app/controllers/application_controller.rb this code: class ApplicationController < ActionController::Base rescue_from CanCan::AccessDenied do |exception| redirect_to root_path, :alert => exception.message end end And

rails_admin with cancan not catching access denied exception for redirect

假装没事ソ 提交于 2020-08-27 07:07:05
问题 I am using rails 5, rails_admin, devise and cancancan. Everything works correctly, but when there is access denied, it shows a 'You are not authorized to access this page' error screen. I want to redirect to root_path, I've been searching and I only found that I have to write in app/controllers/application_controller.rb this code: class ApplicationController < ActionController::Base rescue_from CanCan::AccessDenied do |exception| redirect_to root_path, :alert => exception.message end end And

How do you authorize access to a page dealed by a controller without corresponding model with Cancancan?

浪尽此生 提交于 2020-06-01 05:39:29
问题 The issue A Spree admin controller without corresponding model, whose access trial redirect to an other page. The corresponding attempt code: module Spree module Admin class TutorialsController < Spree::Admin::BaseController authorize_resource :class => false def index end end end end And in app/models/spree/ability_decorator.rb the following was added: can :manage, :'tutorial' can :manage, :'admin/tutorial' can :manage, :'admin_tutorial' can :manage, :'spree/admin/tutorial' can :manage, :

Check if any of multiple conditions are true in Ruby

落爺英雄遲暮 提交于 2020-01-17 07:28:28
问题 I have the following Ruby conditional: <% if can? :read, %w(policy journey crash user).map(&:to_sym) %> Which I want to translate to: if the user has read permissions for any of the resources in the array. However it always returns false. How can I fix it? I don't want to do: if can? :read, :policy || can? :read, :journey || etc... 回答1: Sure you can. Enumerable#any? is exactly what you're looking for: <% if %i(policy journey crash user).any? { |action| can? :read, action } %> The above will

Rails, Devise, Role Model and CanCanCan - defining abilities

我们两清 提交于 2019-12-25 06:36:31
问题 I am using Rails 4 to make a web app. I am trying to use CanCanCan to define abilities for the various roles. I have a User model and a Profile model. Each user can have many profiles. Each profile can have a different role. In my Profile.rb, I have defined my roles (using Role Model gem) as: include RoleModel roles :admin, :manager, # coalfacer :student, :educator, :researcher, :ktp, :faculty_manager, :ip_asset_manager, # for universities :sponsor, # for industry :project_manager,

Rails 4: CanCanCan abilities with has_many :through association

南楼画角 提交于 2019-12-24 05:03:13
问题 I have a Rails app with the following models: class User < ActiveRecord::Base has_many :administrations has_many :calendars, through: :administrations end class Calendar < ActiveRecord::Base has_many :administrations has_many :users, through: :administrations end class Administration < ActiveRecord::Base belongs_to :user belongs_to :calendar end For a given calendar , a user has a role , which is define in the administration join model. For each calendar, a user can have only one of the

How to use CanCanCan with enum field?

我与影子孤独终老i 提交于 2019-12-21 20:26:32
问题 I got Article model with enum field enum status: [:pending, :done] . Here's my ability file class Ability include CanCan::Ability def initialize(user) user ||= User.new if user.member? can :read, Article.done end end end In view I am trying to render Article.done collection for member but nothings renders. <% if can? :read, Article.done %> <%= render partial: 'article', collection: Article.done, as: :article %> <% end %> Therefore I have a question: is there any possible way to work with enum