I have installed devise.
I did,
rails g cancan:ability
This is the Ability class I got in app/models
class Ability
include CanCan::Ability
def initialize(user)
# Define abilities for the passed in user here. For example:
#
# user ||= User.new # guest user (not logged in)
# if user.admin?
# can :manage, :all
# else
# can :read, :all
# end
#
# The first argument to `can` is the action you are giving the user permission to do.
# If you pass :manage it will apply to every action. Other common actions here are
# :read, :create, :update and :destroy.
#
# The second argument is the resource the user can perform the action on. If you pass
# :all it will apply to every resource. Otherwise pass a Ruby class of the resource.
#
# The third argument is an optional hash of conditions to further filter the objects.
# For example, here the user can only update published articles.
#
# can :update, Article, :published => true
#
# See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
end
end
posts table
Table "public.posts"
Column | Type | Modifiers
-------------+------------------------+----------------------------------------------------
id | integer | not null default nextval('posts_id_seq'::regclass)
title | character varying(100) | not null
content | character varying(500) | not null
created_at | date |
updated_at | date |
tags | character varying(55) | not null default '50'::character varying
category_id | integer | not null default 1
user_id | integer |
Indexes:
"posts_pkey" PRIMARY KEY, btree (id)
users table
Table "public.users"
Column | Type | Modifiers
------------------------+-----------------------------+----------------------------------------------------
id | integer | not null default nextval('users_id_seq'::regclass)
email | character varying(255) | not null default ''::character varying
encrypted_password | character varying(128) | not null default ''::character varying
reset_password_token | character varying(255) |
reset_password_sent_at | timestamp without time zone |
remember_created_at | timestamp without time zone |
sign_in_count | integer | default 0
current_sign_in_at | timestamp without time zone |
last_sign_in_at | timestamp without time zone |
current_sign_in_ip | character varying(255) |
last_sign_in_ip | character varying(255) |
confirmation_token | character varying(255) |
confirmed_at | timestamp without time zone |
confirmation_sent_at | timestamp without time zone |
username | character varying(255) | not null
is_admin | boolean | default false
created_at | timestamp without time zone |
updated_at | timestamp without time zone |
Indexes:
"users_pkey" PRIMARY KEY, btree (id)
"index_users_on_confirmation_token" UNIQUE, btree (confirmation_token)
"index_users_on_email" UNIQUE, btree (email)
"index_users_on_reset_password_token" UNIQUE, btree (reset_password_token)
"index_users_on_username" UNIQUE, btree (username)
Now how can I set up cancan to allow/deny some actions of PostController, CommentsController? If the user.is_admin = true then user can edit, delete posts, comments. Otherwise a normal user can only add post after registering. Any guest user can comment for any post.
In PostsController I have
before_filter :authenticate_user! , :except => [:index, :show, :bla1, :bla2, :bla3, :bla4, :bla5, :bla6, :bla7, :bla8, :bla9]
In every controller I had to write such line, that’s tedious. Is there any shortcut way to reduce such line in every controller?
you should set your ability.rb this way.
and in yours controllers
Hope it will be helpfull. 🙂