Devise and cancan gems: has_many association

Posted by tiktak on Stack Overflow See other posts from Stack Overflow or by tiktak
Published on 2012-07-08T15:04:27Z Indexed on 2012/07/08 15:15 UTC
Read the original article Hit count: 255

I use devise and cancan gems and have simple model association: user has_many subscriptions, subscription belongs_to :user. Have following SubscriptionsController:

class SubscriptionsController < ApplicationController

  load_and_authorize_resource :user
  load_and_authorize_resource :subscription, through: :user

  before_filter :authenticate_user!

  def index
    @subscriptions = @user.subscriptions.paginate(:page => params[:page]).order(:created_at)
  end

  #other actions
end

And Cancan Ability.rb:

class Ability
  include CanCan::Ability

  def initialize(user)

    user ||=User.new

    can [:index, :show], [Edition, Kind]

    if user.admin?
      can :manage, :all
    elsif user.id
      can [:read, :create, :destroy, :pay], Subscription, user_id: user.id
      can [:delete_from_cart, :add_to_cart, :cart], User, id: user.id
    end

  end

end

The problem is that i cannot use subscriptions actions as a user but can as a admin. And have no problems with UsersController. When i delete following lines from SubscriptionsController:

  load_and_authorize_resource :user
  load_and_authorize_resource :subscription, through: :user

  before_filter :authenticate_user!

Have no problems at all. So the issue in these lines or in Ability.rb. Any suggestions?

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about devise