Question

This seems like an easy question that I just can't wrap my head around.

Using Devise for authentication and CanCan for authorization on a new Rails 3 app.

How can I access methods defined in ApplicationController within the Ability class that CanCan provides?

a.k.a., something like this:

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # Guest user.

    can :create, Post if user_signed_in?
  end
end

where user_signed_in? is defined in ApplicationController.


Solution

This might not be the answer you wanted, but it seems like you are wanting to mix code concerns that shouldn't be mixed.

Is it a good idea to access user_signed_in? inside your authorisation rules? ... Since authorisation is only concerned with what someone can do, and should not be concerned with if that someone is authenticated (or not).

A before filter (before_filter :authenticate_user!) on your Posts controller to check that your user is authenticated should be enough to achieve your objective; your authorisation rules can be run alongside the authentication check, rather than mixed up with its code.

It's a layered approach :-)
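
The layering described in the answer, as an added sketch that is not part of the original post and is not Devise or CanCan code. `PostsController`, its filter list, `authorize_action!` and the numeric statuses are stand-ins invented here so it runs without Rails; in the real app Devise redirects or answers 401 and CanCan raises `CanCan::AccessDenied`.

```ruby
# Stand-ins so this runs without Rails, Devise or CanCan; none of it is library code.
Post = Class.new
User = Struct.new(:email)

# Authorization layer: what a user may do. It never asks whether a session exists.
class Ability
  def initialize(user)
    @rules = []
    can :create, Post # the rule from the question, without the user_signed_in? guard
  end

  def can(action, subject)
    @rules << [action, subject]
  end

  def can?(action, subject)
    @rules.include?([action, subject])
  end
end

# Minimal filter chain: filters run in order and the first one to return a status halts.
class PostsController
  FILTERS = [:authenticate_user!, :authorize_action!].freeze
  attr_reader :ran

  def initialize(current_user)
    @current_user = current_user
    @ran = [] # records which layers were reached, for inspection
  end

  def process(action)
    FILTERS.each do |filter|
      @ran << filter
      halted = send(filter, action)
      return halted if halted
    end
    200
  end

  private

  # Authentication layer (Devise's job in the real app): is anyone signed in?
  def authenticate_user!(_action)
    401 unless @current_user
  end

  # Authorization layer (CanCan's job in the real app): may this user do it?
  def authorize_action!(action)
    403 unless Ability.new(@current_user).can?(action, Post)
  end
end
```

A guest is stopped by the first filter and the `Ability` rules are never consulted, while a signed-in user asking for an action no rule grants gets the separate 403 outcome.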

Licensed under: CC-BY-SA with attribution