I have the current database estructure in my application:
Publisher has_many videos, has_many users
Video belongs_to publisher
User belongs_to publisher
I want to be able to give permissions to the users based on the publisher, but the object that actually gets edited it's the video object.
Meaning that an User X can edit videos from publisher 1 and 2 but User Y can only edit videos from publisher 2 and 3 and so on. I'm pretty sure this can be done with the CanCan, Devise, Rolify combo.
Can anyone point me in the right direction here?
sorry for the delayed response. Hopefully you've figured out your problem by now, but I will provide a solution for you.
In your CanCan ability you have something like this:
def initialize(current_user)
current_user ||= User.new
can :update, Video do |video|
current_user.publisher_list.contains? video.publisher
end
end
The above code will work if user.publisher_list returns a list of publishers a user can modify. I believe you can also do:
def initialize(current_user)
current_user ||= User.new
can :update, Video, publisher: {id: current_user.publisher_list}
end
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.