Question

I'm working on a Rails 4 app and I'm trying to come up with a solution. I was wondering how I could implement CanCan to allow users to access certain data. For example, a guest can only view certain parts of the content, an owner can have full access to the content, and a collaborator could have partial access.

My app consists of:

User
 - Developer
 - Organization

Developer
 - Has many apps on its own
 - Has many organizations as founder or collaborator

Organization
 - Has many founders and collaborators
 - Has many apps

How can I restrict this so that guests who aren't logged in can view some aspects of a developer/organization/app profile, founders have full access to the organization, owners of apps have full access, and collaborators have some access? Does this make sense?

Solution

CanCan only works with the current_user method. I don't know if there is a way to customize this.

The code example below can guide you through managing content by only the owner:

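    class Ability
      include CanCan::Ability

      def initialize(user)
        user ||= User.new # guest user (not logged in)

        if user.admin?
          can :manage, :all # admins can do anything
        else
          can :read, Content # everyone, guests included, can read
        end

        # `user` is never nil after the line above, so test for a saved
        # record: only signed-in users may create content and manage
        # the content they own.
        if user.persisted?
          can :create, Content
          can :manage, Content do |content|
            content.try(:user) == user
          end
        end
      end
    end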
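
The owner check above extended to the founder and collaborator roles from the question, as an added example that is not part of the original answer. It uses a small plain-Ruby stand-in for CanCan's `can`/`can?` so it runs without Rails; the Struct models, the `founder_ids`/`collaborator_ids`/`owner_id` fields and the reading of "partial access" as update-only are assumptions.

```ruby
# Added example: minimal stand-in for CanCan's can/can? so it runs without Rails.
# The Struct models and their fields are assumptions, not the asker's schema.
User = Struct.new(:id)
Organization = Struct.new(:founder_ids, :collaborator_ids)
App = Struct.new(:owner_id, :organization)

class Ability
  def initialize(user)
    @rules = []
    # Everyone, guests included, may read the public profile.
    can(:read, Organization) { true }
    can(:read, App) { true }
    # Stop here for guests: comparing a nil id against owner_id would
    # otherwise grant access to records whose owner is unset.
    return if user.nil? || user.id.nil?

    founder = ->(org) { !org.nil? && org.founder_ids.include?(user.id) }
    collab  = ->(org) { !org.nil? && org.collaborator_ids.include?(user.id) }

    # Founders: full access to the organization and its apps.
    can(:manage, Organization) { |org| founder.call(org) }
    # App owners: full access to their own apps.
    can(:manage, App) { |app| app.owner_id == user.id || founder.call(app.organization) }
    # Collaborators: partial access, assumed here to mean update only.
    can(:update, Organization) { |org| collab.call(org) }
    can(:update, App) { |app| collab.call(app.organization) }
  end

  # Record a rule; nothing is permitted unless a rule grants it.
  def can(action, klass, &condition)
    @rules << [action, klass, condition]
  end

  # :manage covers every action, as it does in CanCan.
  def can?(action, subject)
    @rules.any? do |act, klass, condition|
      (act == :manage || act == action) && subject.is_a?(klass) && condition.call(subject)
    end
  end
end
```

In a real app the same rules would live in a class that includes `CanCan::Ability`, with the conditions written against the app's own associations.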
Licensed under: CC-BY-SA with attribution