I have the following in ability.rb can :index, Thread can :show, Thread do |thread|

Question

0

Asked: May 27, 20262026-05-27T17:47:41+00:00 2026-05-27T17:47:41+00:00

I have the following in ability.rb can :index, Thread can :show, Thread do |thread|

0

I have the following in ability.rb

  can :index, Thread

  can :show, Thread do |thread|
    1 == 2
  end

I hard coded show to result as false to test a fail. Shockingly, show never fails. Both Thread index and Thread show both return without resulting in a CanCan access denied. What’s going on with that? Suggestions? Thx

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T17:47:42+00:00

As can be seen here :index and :show are aliases of :read, that means they are synonyms.

When you say can :index, Thread that means the user will be able to read anything.
When you later define second rule can :show, Thread {|t| 1 == 2}, the CanCan query for successive rules is disjunctive, that is result = rule1 or rule2. To have the result computed via difference result = rule1 - rule2 use cannot for the 2nd rule:

cannot :show, Thread {|t| 1 == 2}

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have the following in ability.rb can :index, Thread can :show, Thread do |thread|

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply