CanCan gem | cannot :index, User

StackOverflow https://stackoverflow.com/questions/2367169

  •  23-09-2019
  •  | 
  •  

문제

Very basic user model, I wish the admin user to :manage all

else cannot :index, User and some other options, but when I try and block non admin users from viewing the user index, the admin user also has not access.

this is my ability.rb

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new #guest user

    can :manage, :all if user.role == "admin" #if user.admin? can :manage, :all
    can :assign_role, User 

    else
      can :read, :all
      can :create, User


      cannot :assign_role, User
      cannot :index, User

      can [:show, :edit, :update], User do |current_user|
              user.id == current_user.id || user.role == "admin"
            end



  end
end

What can I do to stop all users being blocked from User index?

Regards

Dan

도움이 되었습니까?

해결책

Something wrong with if-else in code.

if user.role == "admin"
  can :manage, :all
  can :assign_role, User 

else
  can :read, :all
  can :create, User


  cannot :assign_role, User
  cannot :index, User
  can [:show, :edit, :update], User do |current_user|
    user.id == current_user.id || user.role == "admin"
  end

end

And also you don't have to deny non-admin user to assign role obviously (cannot :assign_role, User).

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top