cancancan

Rails Cancan: Defining Default Role on Signup

僤鯓⒐⒋嵵緔 提交于 2019-12-12 05:39:12
问题 I've recently added roles to my rails application with CanCanCan (by enumeration)- but now I want to add a default role on signup. How do I go about doing this? Does it go in the controller or model? My User model: class User < ActiveRecord::Base #Defining different roles enum role: [:Admin, :User, :Guest] #Users can only create one scholarship application has_one :applications # Include default devise modules. Others available are: # :confirmable, :lockable, :timeoutable and :omniauthable

RoR: CanCanCan authorize only user created items

£可爱£侵袭症+ 提交于 2019-12-12 05:28:35
问题 What is wrong with this code? A normal user still being able to see all relatos, when he should only see his own. My view code: <% if can? :read, Relato %> <td><%= relato.id %></td> <td><%= relato.cliente.name %></td> <td><%= relato.projeto.name %></td> <td><%= relato.local.logra %></td> <td><%= relato.time %></td> <td><%= relato.comment %></td> <% end %> My Ability class: can :manage, :all if user.role == "admin" if user.role == "normal" can :read, Relato , :user_id => user.id can :manage,

Can't generate cancan:ability

南笙酒味 提交于 2019-12-12 03:55:55
问题 In ruby on rails gemfile i added gem 'cancancan', '~> 1.10', then ran bundle install and after that rails g cancan:ability. This is what i get in my console Running via Spring preloader in process 3455 Expected string default value for '--test-framework'; got false (boolean) Expected string default value for '--jbuilder'; got true (boolean) Expected boolean default value for '--markerb'; got :erb (string) Expected string default value for '--test-framework'; got false (boolean) Expected

How to understand load_resource and authorize_resource methods of cancancan gem?

 ̄綄美尐妖づ 提交于 2019-12-11 11:49:20
问题 I am using the cancancan gem in my rails application. But I am not much clear for the meaning of load_and_authorize_resource method. I know this is the same as calling load_resource and authorize_resource . load_resource will create a new instance of a model, or get a instance by params[:id] , or a collection of instances, then authorize_resource method will use these instances to authorize. But if I already have a Model.find(params[:id]) or Model.new in each controller action, dose I need to

Rails 4 Authentication model with roles

醉酒当歌 提交于 2019-12-11 09:08:25
问题 I am beginner in Rails world, so hoping I will be able to find an answer here. The project that I am working on, has to have User Authorization with roles, for simple users and for admins. With admin privileges I want to be able reset password for simple users or to add roles for them. I was trying to apply Devise with cancancan gems, but unfortunately, couldn't make it work and I am not sure if that is even possible. So my question is which gems would you recommend to have such behavior. Or

Unable to use CanCanCan with ActiveAdmin and Devise undefined method `dashboards' for #<AdminUser>

末鹿安然 提交于 2019-12-11 07:19:34
问题 I'm constructing an admin panel with active admin I've installed the three gems gem 'activeadmin', github: 'activeadmin' gem 'devise' gem 'cancancan' I set it up as follows: rails g active_admin:install # Created a nice admin panel, with AdminUser Model rails generate active_admin:resource MyModel # Added all my models config/active_admin.rb config.authorization_adapter = ActiveAdmin::CanCanAdapter config.cancan_ability_class = Ability config.authentication_method = :authenticate_admin_user!

Rails 5 compatibility between Paranoia and CanCanCan, compromised?

十年热恋 提交于 2019-12-11 05:05:16
问题 I'm having the exact same issue as described on this thread: Rails 5 only_deleted with cancancan #356 I can access a deleted record, like this: @area = Area.only_deleted.find(params[:id]) but if I add load_and_authorize_resource to my controller, it'll attempt to run the query like this: @area = Area.find(params[:id]) which will result in error since it won't find a record with that id on a collection where deleted_at isn't null (not deleted records, the purpose of the Paranoia gem). If I

How do I setup my CanCanCan permissions correctly?

隐身守侯 提交于 2019-12-10 15:04:48
问题 I am a little confused about how to configure CanCanCan properly. For starters, do I have to add load_and_authorize_resource to every controller resource I want to restrict access to? This is what I would like to do: Admin can manage and access all controllers and actions Editor can read all, manage :newsroom, and can manage all Posts Member can read every Post and can create & update Posts (not edit/delete/anything else), cannot access the newsroom. The difference between an update & edit

Adding a Controller without corresponding model while using cancancan

旧巷老猫 提交于 2019-12-07 21:19:53
问题 I've added a controller collaborators to manage a particular type of join association between Users and Companies . The issue is that whenever I load anything from collaborators , I get the error uninitialized constant Collaborator From my understanding, this is because there is no model Collaborator and I am using cancancan for authorization. From the old cancan (note not cancancan) documentation, I've been able to gather that controllers that don't have a corresponding model need to have a

Adding a Controller without corresponding model while using cancancan

不羁的心 提交于 2019-12-06 05:02:19
I've added a controller collaborators to manage a particular type of join association between Users and Companies . The issue is that whenever I load anything from collaborators , I get the error uninitialized constant Collaborator From my understanding, this is because there is no model Collaborator and I am using cancancan for authorization. From the old cancan (note not cancancan) documentation , I've been able to gather that controllers that don't have a corresponding model need to have a model manually authorized for them something like: load_and_authorize_resource :the_model, :parent =>
订阅 cancancan