stackoom
  简体   繁体   中英

Rails, abilities with cancancan

 原文  2016-03-31 13:45:56       ruby-on-rails/ block/ roles/ cancan/ cancancan

Question

I am using cancancan to define abilities for my demo restaurant app. Each restaurant has_many employees and each employee has user_id and role attributes. I would like to allow a user to edit a restaurant only if this restaurant has an employee with user_id as the current_user.id and his role is 'manager'. My problem is that this role could be given to a lot of employees and when I find them by 

can :edit, Restaurant do |restaurant|
    restaurant.employees.where(role: 'Manager').id=user.id 
end

I would get an array of all managers and this code would not return true. Any ideas of how to implement this :? Thanks!

1 answers

solution1
 2 ACCPTED  2016-03-31 13:53:55

You're probably looking for something more like this: 

can :edit, Restaurant do |restaurant|
  restaurant.employees.where(role: 'Manager', user_id: user.id).exists?
end

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Rails 4 - cancancan - defining abilities Rails CanCanCan & Defining Abilities Rails - CanCanCan - common abilities rails cancancan has_many through abilities Rails CanCanCan resource abilities based on department Rails Devise Role Model & CanCanCan - defining abilities Rails, Devise, Role Model and CanCanCan - defining abilities Rails: Using CanCanCan Abilities to hide elements Rails - CanCanCan, Rolify, Define - Defining Abilities for associated model Rails Permissions: CanCanCan Abilities- Show only what user creates
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM