How do I use CanCan with rails admin to check for ownership

StackOverflow https://stackoverflow.com/questions/8591654

Вопрос

When a user in my app isn't an admin user i want to only let them see the fields that they have ownership of.

Is there a so set can :see or something like that on a per field basis so that it displays just the fields that that use "can see", or should I have an ability called can :oversee to state that they can see everything instead.

I suppose it's much easier to just check if the user is admin or not in rails admin, so where set rails admin to only pull the current user's records.

Это было полезно?

Решение

With cancan, you can check permissions on objects like this:

if can?(:read, order)
  # do something!
end

if can?(:email, order)
  # do something!
end

But that's only referring to visibility at the object level.

In RailsAdmin, you can set field visibility by passing in a blocks, described here.

For example:

RailsAdmin.config do |config|
  config.model Order do
    list do
      field :name
      field :profit do
        visible do
          current_user.roles.include?(:admin)
        end
      end
    end
  end
end
Лицензировано под: CC-BY-SA с атрибуция
Не связан с StackOverflow
scroll top