Home/ Questions/Q 4018962
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T10:02:51+00:00

models/ability.rb class Ability include CanCan::Ability def initialize(user) user ||= User.new # guest user if

  • 0

models/ability.rb

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user

    if user.role? :admin
      can :manage, :all
    else
      can :read, :all
      can :create, Comment
      can :update, Comment do |comment|
        comment.try(:user) == user || user.role?(:moderator)
      end
      if user.role?(:author)
        can :create, Article
        can :update, Article do |article|
          article.try(:user) == user
        end
      end
    end
  end
end

In Railscasts there are methods user.role? :admin & if user.role?(:author).I dont get it. Do i need to create a method in model to make it work?

I’m storing roles in Users table as a role column.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, you need to write this yourself. However, the CanCan project has a wiki page describing how to do this.

    The first line of the wiki says:

    “CanCan is decoupled from how you
    implement roles in the User model, but
    how might one set up basic role-based
    authorization?”

    Note that I disagree almost completely with the example on that page that uses a role_mask, but the page is still good and should give you some ideas.

    There is also the Separate Role Model example, which I personally like better. It depends on where you want to store your role information.

    • 0